ClawHub

X Founder Operations

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent for X account operations, but it asks an agent to automate social-account monitoring and handle DMs/mentions without enough privacy or approval boundaries.

Install only if you want an agent to help run an X account. Before enabling automation, require confirmation before posting, replying, or sending DMs; limit any X/API permissions to read-only until you intentionally grant write access; avoid ingesting DMs unless necessary; and define how logs and message content are stored, redacted, and deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
This skill is marked auto_invoke: true and includes broad triggers such as planning content, reviewing performance, drafting threads, and optimizing posting strategy. Those triggers overlap with common user requests, so the skill may activate unexpectedly and steer the assistant into reading local configs/watchlists or applying prescriptive account-operation behavior without explicit user intent.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The schedule explicitly automates checking mentions, replies, and DMs, which can involve collecting and processing private or sensitive user communications. Without a clear privacy notice, consent model, data-handling limits, and retention guidance, operators may deploy monitoring that surprises users or mishandles personal data, creating privacy and compliance risk.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal