ClawHub

RSS & Atom Feed Generator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only RSS/Atom feed generator whose network fetching is expected for its purpose, but users should avoid using it with private URLs or sensitive headers.

Install this only for generating feeds from public web pages. Do not give it private intranet links, tokenized URLs, cookies, bearer tokens, API keys, or sensitive request headers unless you intentionally want those values used by the selected fetch route.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
87% confidence
Finding
The routing guidance expands a simple page-fetching skill into authenticated LLM-mediated execution and OPAL agent routing, which increases capability beyond the minimum needed for RSS generation. That broader execution surface can cause unintended data disclosure, misuse of privileged credentials, or invocation of higher-trust tooling if a crafted prompt or configuration causes the agent to choose those routes.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description uses broad activation language like 'any request to produce a feed URL or feed XML from a blog/news/post-list page,' which can cause the skill to trigger on loosely related user requests. Overly broad triggers increase the chance of unintended invocation, causing autonomous web fetching and file generation in contexts where the user did not clearly request this specific capability.

Vague Triggers

Low
Confidence
81% confidence
Finding
The trigger phrase 'Create a feed from {url}' is generic enough to overlap with normal conversation about social feeds, data feeds, or unrelated content generation. This can lead to accidental skill routing and unnecessary external fetches, though the impact is somewhat limited by the presence of a URL parameter.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document instructs the skill to send target URLs and optional headers to external services, but it does not disclose that user-supplied URLs, request metadata, and potentially sensitive destinations may be transmitted to third-party infrastructure. In a feed-generation context, users may expect a local or direct fetch, so the omission creates a privacy and data-handling risk, especially if internal, private, or tokenized URLs are processed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal