Newslit

Security checks across malware telemetry and agentic risk

Overview

This Newslit skill is coherent but should be reviewed because it gives an agent broad authenticated API and raw proxy access through Membrane, including write/delete methods, without clear user-confirmation boundaries.

Install only if you are comfortable giving the agent authenticated access to your Newslit account through Membrane. Prefer using discovered, named Membrane actions, and require explicit user approval before any raw proxy request or any POST, PUT, PATCH, or DELETE operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The documented workflow permits `connection ensure` to create or attach to apps by arbitrary URL/domain and later use generic proxy requests, which materially expands capability beyond the declared Newslit/organization-management scope. In an agent setting, this scope drift can let prompts steer the skill into interacting with unintended third-party services or undisclosed endpoints, increasing the chance of unauthorized data access or exfiltration.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation description is broad enough to trigger the skill for nearly any Newslit-related request, without boundaries around read-only vs. write actions or which data domains are in scope. Overbroad routing increases the risk that an agent will invoke powerful connection or request capabilities in situations where the user did not intend external actions or sensitive data access.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill instructs agents to send direct API/proxy requests through Membrane but does not explicitly warn that user data, prompts, or payload contents may be transmitted to an external service. In a tool-using agent environment, that omission can cause sensitive information to be sent off-platform without sufficiently informed user consent.

VirusTotal

65/65 vendors flagged this skill as clean.
