ClawHub

Pinterest Trends Dashboard

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for affiliate marketing analytics, with privacy and third-party script caveats but no evidence of hidden or destructive behavior.

Install only if you are comfortable with affiliate-link analytics and third-party assets in the mockup. Add or look for clear privacy language explaining click tracking, affiliate parameters, third-party data sharing, retention, and opt-out controls before using it with real users.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This mockup loads executable JavaScript and fonts from multiple third-party CDNs, including React, ReactDOM, Tailwind, and Babel, without integrity pinning or local bundling. If any upstream CDN asset is tampered with, or if requests leak metadata to third parties, users opening the file could be exposed to supply-chain compromise or privacy leakage.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly includes tracking click-through rates to ClickBank affiliate links as a success metric, but the specification does not mention any user notice, consent flow, privacy disclosure, or analytics minimization controls. In a dashboard tied to affiliate marketing automation, undisclosed outbound-link tracking can collect behavioral data and create privacy/compliance exposure, especially if combined with saved niches, email alerts, or future user accounts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal