ClawHub

Local Lead Gen

Security checks across malware telemetry and agentic risk

Overview

This skill clearly describes lead generation, but it can automatically scrape contacts and send cold emails from the user’s account without a final approval step.

Install only if you explicitly want automated cold outreach. Run with --dry-run first, review every recipient and message before sending, add an explicit send-confirmation gate, enforce suppression and unsubscribe handling, and make sure your use complies with anti-spam, privacy, provider, and website terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill explicitly instructs users to export API keys and use OAuth/SMTP-backed services, which means it relies on sensitive environment-based credentials despite having no declared permissions. This creates a transparency and governance gap: a user or host system may invoke the skill without understanding that it can access secrets and perform external actions such as emailing or data export.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The description uses broad triggers like 'prospecting local businesses' and 'setting up recurring business development workflows,' which can match ordinary business-assistance requests and cause the skill to activate unexpectedly. Because the skill performs scraping, enrichment, and cold outreach, overbroad invocation increases the risk of unintentional collection and transmission of third-party data.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill automates scraping business data, extracting contact emails, sending cold emails, and logging leads to third-party systems, yet it provides no warning about privacy implications, consent, data retention, or external transmission of collected information. In context, this is especially risky because the skill is designed for scaled outbound prospecting, which can expose personal or business contact data, trigger compliance violations, and lead to unauthorized messaging.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script automatically sends cold outreach emails to addresses harvested from target websites once a score threshold is met, with no explicit per-recipient confirmation, review gate, consent check, or compliance safeguard. In this skill's lead-generation context, that behavior is core functionality, but it still creates real abuse, spam, and regulatory risk because it can contact third parties at scale using scraped contact data.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When DEEPCRAWL_KEY is present, the script sends target site URLs, including derived /contact pages, to a third-party crawling service without a clear runtime disclosure or user acknowledgment. This exposes third-party website content and browsing targets to an external processor, which can create privacy, confidentiality, and policy/compliance issues, especially in an automated prospecting pipeline.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal