Daily Quote

Security checks across malware telemetry and agentic risk

Overview

This daily quote skill is coherent and disclosed, with optional scheduled push features that users should enable only intentionally.

Installing this skill is reasonable if you want both quote-card generation and optional daily push reminders. Before enabling push, confirm the target userId/channel and review any existing scheduler entries; disable it with the documented off command when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 89%
Finding
The skill’s declared purpose is a simple quote-card generator, but the documentation introduces materially different capabilities: scheduled push delivery, multi-channel outbound messaging, and user-specific state/config handling. This mismatch is dangerous because reviewers and users may grant the skill permissions or trust assumptions appropriate for content generation, while the actual documented behavior expands into notification automation and external delivery, increasing the chance of undisclosed data handling or misuse.

Description-Behavior Mismatch

Medium
Confidence: 84%
Finding
The documented push-notification management commands and multi-channel delivery features are outside the narrow scope of generating a daily quote card. Hidden or under-declared operational features can lead to unauthorized messaging, surprise persistence, or unnoticed use of external integrations, especially if users believe they are invoking only local content generation.

Context-Inappropriate Capability

Medium
Confidence: 82%
Finding
Scheduling recurring pushes and managing outbound delivery channels are not justified by the stated purpose of a quote-card generator, so they represent unnecessary capability expansion. In context, this makes the skill more dangerous because benign creative functionality is mixed with automation and messaging features that could be abused for spam, unwanted contact, or covert data flow to third-party services.

Missing User Warnings

Medium
Confidence: 77%
Finding
The skill instructs writing an HTML artifact into user storage without clearly disclosing that a file will be created and persisted. While generating an output file is consistent with producing a visual card, the lack of explicit user-facing disclosure reduces transparency and can create confusion about what is stored, where it is stored, and whether it may later be reused or served.

VirusTotal

65/65 vendors flagged this skill as clean.
