ClawHub

CFO / Chief Financial Officer

Security checks across malware telemetry and agentic risk

Overview

This appears to be an informational CFO guidance skill with no executable behavior or hidden access requests.

This skill looks safe to install as informational guidance. Users should still avoid pasting confidential financial records, investor materials, or credentials unless they intentionally want their agent to analyze that data in the current session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
4. Future round assumptions
5. Exit scenarios

**Tool:** Cap table spreadsheet with scenario tabs.

## Investor Updates
Confidence
85% confidence
Finding
Tool:*

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal