ClawHub

Organizze Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Organizze finance CLI, but it gives an agent broad ability to change or delete live financial records without clear confirmation safeguards.

Install only if you intend to let an agent access and modify your Organizze account. Before any create, update, transfer, delete, update_future, or update_all action, ask the agent to list the target records and confirm exact IDs and payloads. Store the Organizze token carefully and revoke or rotate it when you no longer use the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly documents a `delete <id>` operation but provides no requirement for confirmation, backup guidance, or warning about irreversible data loss. Because this skill is designed to manipulate live personal finance records, an agent could invoke destructive actions too readily and permanently remove user financial data.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The instructions direct users to create a `.env` containing API credentials but do not include any warning about protecting secrets, avoiding logs, or preventing accidental commits. In a finance integration, exposed email, token, or user-agent credentials could allow unauthorized access to sensitive budgeting and transaction data.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger description is broad enough to activate on many generic finance-related conversations such as budgets, expenses, income, categories, or bank accounts. In an agentic environment, overly broad routing can cause this skill to be invoked when the user did not intend to access or modify Organizze data, unnecessarily exposing financial context and increasing the chance of unintended API operations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation exposes create, update, delete, and transfer operations against live personal-finance data but provides no explicit requirement to confirm destructive or state-changing actions with the user first. In this context, the skill can alter transactions, categories, accounts, transfers, and card-related records, so accidental invocation or ambiguous instructions could directly cause financial data loss, corruption, or unintended account changes.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal