Subscription Sentinel

Security checks across malware telemetry and agentic risk

Overview

This skill has a clear subscription-tracking purpose, but it asks for sensitive email access, persistent financial-data storage, and possible browser-driven cancellations without enough safeguards.

Review before installing. Use it only with an email integration you trust, expect it to process sensitive billing messages, and do not enable browser-based cancellation unless the agent shows the exact service, account, official site, evidence, and consequences before each cancellation. Periodically inspect or delete subscriptions.json if you do not want subscription history retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The README promotes scanning billing emails and potentially using browser automation to cancel subscriptions, but it does not clearly disclose the sensitivity of inbox contents, the risk of exposing financial/account data, or the possibility of irreversible account changes from automated cancellation. In an agent-skill context, these capabilities can trigger high-trust actions across email and web sessions, so under-warning users materially increases the chance of unsafe deployment or unintended actions.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The skill explicitly instructs the agent to access email receipts and persist subscription state, but it does not require a clear user-facing privacy notice, consent flow, or retention disclosure before collecting and storing sensitive financial data. This creates a real privacy/security risk because users may not understand that inbox contents and derived billing history are being read, inferred, and saved across sessions.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The skill mandates persistent overwriting of `subscriptions.json` without any user-facing notice or confirmation, causing durable modification of workspace state across sessions. In an agent context, silent persistence can surprise users, corrupt existing data, or create privacy and integrity risks if the file already contains important information or if inferences are wrong.

VirusTotal

63/63 vendors flagged this skill as clean.