ClawHub

Latte News Fetcher

Security checks across malware telemetry and agentic risk

Overview

This is a coherent news-fetching skill with disclosed web access, optional Tavily search, and local preference storage, with no evidence of hidden or destructive behavior.

Install if you are comfortable with the skill fetching public news pages, optionally sending search queries to Tavily, and saving your news preferences in the workspace. Avoid using it for private, localhost, intranet, or authenticated pages unless you explicitly intend that content to be accessed in the session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly advertises external news retrieval and Tavily search but does not warn users that prompts, queries, or fetched content may be transmitted to third-party services. In an agent setting, this can cause unintended network access and data disclosure, especially if users include sensitive context while requesting news searches or RSS lookups.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are extremely broad and likely to activate on common conversation about news, RSS, subscriptions, or reading. Over-broad activation can cause the agent to invoke external browsing/fetching behavior unexpectedly, increasing the chance of unintended network access, privacy leakage through query propagation, or user-confusing actions in benign contexts.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The daily-use examples like '今天有什么新闻' and direct-site requests are ambiguous, making the skill likely to capture generic user requests that may not have been intended for this tool. In this context, the skill can initiate browser/web_fetch/Tavily activity and store preferences, so accidental triggering increases exposure to unnecessary network requests and cross-skill misrouting.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal