Podcasts

Security checks across malware telemetry and agentic risk

Overview

This appears to be a podcast-management skill with local podcast storage and transcription tooling, but users should be aware it may keep local listening-related records.

Install only if you are comfortable with the agent maintaining local podcast records in ~/podcasts/ and running media-download/transcription tools when you ask it to process episodes. Use explicit podcast commands and review/delete the local folder if you do not want listening history or summaries retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrase "what's new?" is highly generic and can easily appear in normal conversation unrelated to podcasts. That makes accidental skill activation plausible, which could cause the agent to read or modify podcast-related state, generate summaries, or shift the conversation unexpectedly without clear user intent.

Vague Triggers

Medium
Confidence: 93%
Finding
The condition "User mentions a podcast" is overly broad because merely referencing a podcast title, host, or episode in conversation could invoke the skill. In an agent environment, this can lead to unintended subscription changes, queue updates, or other stateful behavior based on incidental mentions rather than explicit commands.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs the agent to persist data under ~/podcasts/ and implies ongoing updates, but it does not disclose storage behavior, retention, or when writes occur. This is risky because users may not realize the skill creates local records of subscriptions, listening history, summaries, and guest tracking, creating privacy and consent issues in addition to unexpected file modifications.

VirusTotal

63/63 vendors flagged this skill as clean.
