ClawHub

Simplified Social Media

Security checks across malware telemetry and agentic risk

Overview

This is a coherent social media integration, but it can queue, schedule, or publish to connected accounts without a clearly required final approval step.

Install only if you trust Simplified and intend to let an AI workflow operate connected social accounts. Before any post, schedule, or queue action, manually confirm the exact account list, content, media, action type, and timing; prefer drafts for ambiguous requests and limit the API key/account scope where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list includes broad phrases like 'social media', 'post to', 'schedule post', and 'publish on' that can match common user requests and invoke a skill capable of making live external changes. Because this skill can create queued or scheduled posts on connected accounts, accidental activation materially increases the risk of unintended outbound actions.

Vague Triggers

Medium
Confidence
95% confidence
Finding
Single-platform names and generic analytics terms such as 'facebook', 'instagram', 'analytics', and 'impressions' are overly broad activation phrases for a high-impact skill. In context, the skill can access connected accounts and publish content, so ordinary discussion about platforms or metrics could unintentionally route the agent into this toolchain.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation instructs the agent to configure and use a remote MCP server that can post to external social accounts, but it does not prominently warn that these are real-world side effects affecting live accounts. This makes misuse or misunderstanding more dangerous, especially when combined with broad triggers and autonomous workflow language.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Defaulting to 'add_to_queue' when timing is unspecified creates a write action even when the user did not explicitly ask to publish or schedule content. In this skill's context, that means ambiguous requests can silently turn into real outbound content queued for connected social accounts, which is a significant safety risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal