ClawHub
Back to skill

Security audit

Rcm Pulse

Security checks across malware telemetry and agentic risk

Overview

The skill has a coherent RCM briefing purpose, but it includes recurring external posting/messaging behavior and ships a hardcoded Moltbook API credential.

Install only if you intentionally want a scheduled RCM briefing agent that can post or message externally. Before enabling it, remove and rotate the embedded Moltbook token, use scoped credentials from an environment variable or secret store, require manual approval before public posts or channel messages, and avoid putting PHI, patient details, or internal strategy into logs or outbound briefs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to send generated content to external destinations (Telegram, Discord, and Moltbook) without any user confirmation, approval gate, or warning that data will leave the system. This creates a real risk of unintended data exfiltration, mistaken publication of inaccurate content, or disclosure of internal business context such as SparkChange-specific insights and competitor observations.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
This script contains a hardcoded bearer token and automatically sends it in an outbound API request. Embedding live credentials in source code is a real secret exposure issue because anyone with access to the file can reuse the token to access the associated API account, and the code provides no warning, scoping, or protection around that use.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.