ClawHub

Giantcampaign

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate GiantCampaign/Membrane integration, but it grants broad authenticated account-changing access with confusing scope and weak guardrails.

Review before installing. Use a restricted or test GiantCampaign/Membrane connection where possible, confirm the exact resource and action before any create/update/delete/pause operation, and avoid raw proxy requests unless you explicitly approve the endpoint, method, and payload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The manifest advertises broad CRM-style management capabilities, but the body of the skill is focused on GiantCampaign marketing resources such as subscribers, lists, tags, and campaigns. This mismatch can cause an agent to invoke the skill for requests it cannot safely or correctly satisfy, increasing the chance of unintended actions on the wrong data domain.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The overview lists fantasy-game entities like Character, Location, and Quest instead of GiantCampaign resources, which is inconsistent with the rest of the file. In an agent setting, contradictory documentation can mislead tool selection or parameter construction, resulting in erroneous or unsafe operations against the external service.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The invocation description is very broad and may cause the skill to be selected for nearly any request involving GiantCampaign data. Over-broad routing increases the risk that the agent uses a powerful integration in situations where read-only lookup, confirmation, or a narrower skill would be safer.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documented action set includes destructive capabilities such as deleting lists, but the skill provides no guidance to obtain explicit confirmation or warn users before executing irreversible changes. In an autonomous agent workflow, this can lead to accidental deletion of marketing assets or data loss from ambiguous prompts.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents a generic authenticated proxy request mechanism that can send arbitrary requests to the remote API, but it does not warn that this enables direct modification or deletion of remote data. This broad capability bypasses safer pre-built actions and expands the attack surface for prompt-driven or mistaken state-changing operations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal