ClawHub

Newstoday

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed news briefing skill that fetches public news sources and can optionally schedule user-controlled push alerts.

Install only if you want a broad news aggregator that can use web search/fetch and, if enabled, schedule recurring push briefings. Review your platform’s routing and notification controls so generic news requests do not invoke it unexpectedly, and use the provided push-off command if you no longer want scheduled alerts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The header comment states the script has no network calls, but the emitted prompt explicitly instructs an agent to WebFetch multiple external URLs. In an agent-skill context, prompting downstream tools to access the network is effectively network-capable behavior, so the comment is misleading and can cause reviewers or policy gates to underestimate external data exposure and SSRF-like fetch surface.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list includes very generic phrases such as 'what happened today', 'breaking news now', and 'what's trending', which plausibly overlap with normal user conversation and other skills. In a voice- or chat-routed agent environment, this can cause unintended invocation, leading to accidental data access, noisy notifications, or execution of news-fetching actions without clear user intent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The keyword list contains many broad, generic trigger phrases such as 'news', 'breaking news alert', 'trending topics', and multilingual variants that could cause the skill to be matched for common user requests without clear scoping to this specific product. In an agent marketplace or auto-routing environment, this increases the chance of overbroad invocation, user confusion, and unintentional access to external-fetching/news-push functionality beyond what the user intended.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal