ClawHub
Back to skill

Security audit

Automation Workflows Litiao

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable automation playbook; the main risk is users connecting business tools without enough privacy and access-control planning.

Safe to install as an automation-planning guide. Before using its examples with live systems, classify the data involved, minimize fields sent between tools, use least-privilege OAuth scopes, test with dummy records, review vendor retention/compliance settings, and require explicit approval before turning on workflows that touch customers, payments, invoices, CRM records, or usage data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are broad enough to match common conversational language like 'automate' or 'save time', which can cause the skill to activate in contexts where the user did not specifically request workflow automation. Over-broad activation increases the chance of inappropriate routing, context leakage into the wrong skill, and unsafe advice being surfaced without sufficient user intent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill repeatedly recommends moving customer, payment, CRM, usage, and communication data across multiple third-party systems without warning about consent, data minimization, retention, access controls, or regulatory obligations. In practice, this can lead users to build workflows that expose sensitive business or personal data to unnecessary vendors or misconfigured integrations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal