Subscription Manager Pro

Security checks across malware telemetry and agentic risk

Overview

This is a local subscription tracker that stores user-entered subscription records on disk. The scan found no hidden network, credential, or destructive behavior.

Install only if you are comfortable storing subscription and spending details locally in JSON. Treat "cancel" as marking or removing the local tracker entry; you must still cancel the real subscription with the provider. Avoid using `--permanent` unless you have backed up records you may need.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Severity: Medium
Confidence: 84%
The natural-language examples are broad enough that an agent could plausibly match ordinary user conversation and invoke this skill unintentionally. In a skill that can add, remove, or alter locally stored subscription records, accidental triggering can lead to unauthorized data modification or misleading financial tracking state even without any malicious code.

Missing User Warnings

Severity: Low
Confidence: 73%
The README says users can "Cancel my Hulu subscription," but does not clarify that this removes or changes only the skill's local tracking data, not the actual vendor subscription. That ambiguity can mislead users into thinking a real service was canceled, potentially causing missed charges, billing surprises, or stale records.

Vague Triggers

Severity: Medium
Confidence: 87%
The invocation guidance is broad enough to trigger on ordinary conversations about bills, service costs, or spending audits, which can cause the skill to activate without clear user intent. That increases the chance of collecting or persisting sensitive financial/service data when the user was only asking a general question, especially because this skill writes records locally.

Missing User Warnings

Severity: Medium
Confidence: 95%
The skill states that detailed subscription records, reminders, and history are stored locally, but it does not prominently warn users that personal financial/service data will be written to disk. Because records may include service names, costs, renewal dates, notes, cancel URLs, and usage history, silent persistence can expose sensitive lifestyle and financial information to other local users, backups, or malware.

Missing User Warnings

Severity: Medium
Confidence: 94%
The `remove` command supports a `--permanent` flag that immediately deletes subscription records from the local data store without any confirmation prompt, dry-run, or undo mechanism. In an agent or automation context, a mistaken invocation, malformed prompt-to-CLI mapping, or deceptive instruction could irreversibly erase user data with no recovery path.

VirusTotal

66/66 vendors flagged this skill as clean.