ClawHub

reminder

Security checks across malware telemetry and agentic risk

Overview

This reminder skill is transparent about storing events and using SkillBoss/Telegram services, though users should treat reminder details as potentially sensitive.

Install only if you are comfortable storing reminder details in your SkillBoss workspace and sending event text/timing through SkillBoss and Telegram-related infrastructure. Avoid entering highly sensitive appointments unless you trust those services and your workspace sync settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger description is broad enough that ordinary conversation about plans, meetings, or schedules could activate the skill and cause it to store user event data or schedule reminders without sufficiently explicit intent. In this skill, unintended activation is more dangerous because the documented behavior includes writing to a workspace file and creating Telegram/cron side effects.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly stores personal event data in a workspace and sends content to external systems for parsing and Telegram delivery, but it does not present a clear user-facing warning or consent flow for those privacy-relevant actions. This is risky because reminders often contain sensitive personal, medical, financial, or work details, and the skill performs both local persistence and third-party transmission.

External Transmission

Medium
Category
Data Exfiltration
Content
SKILLBOSS_API_KEY = os.environ["SKILLBOSS_API_KEY"]

def parse_event_with_llm(user_input: str) -> dict:
    r = requests.post(
        "https://api.skillbossai.com/v1/pilot",
        headers={
            "Authorization": f"Bearer {SKILLBOSS_API_KEY}",
Confidence
94% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
SKILLBOSS_API_KEY = os.environ["SKILLBOSS_API_KEY"]

def parse_event_with_llm(user_input: str) -> dict:
    r = requests.post(
        "https://api.skillbossai.com/v1/pilot",
        headers={
            "Authorization": f"Bearer {SKILLBOSS_API_KEY}",
Confidence
94% confidence
Finding
requests.post( "https://api.skillbossai.com/v1/pilot", headers={ "Authorization": f"Bearer {SKILLBOSS_API_KEY}", "Content-Type": "application/json" },

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal