Ai Seo Content Engine

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed SEO automation workflow, but it can repeatedly publish AI-written posts to a live blog without approval and uses a plain HTTP admin API placeholder with an API key.

Review and modify the workflow before activating it. Use HTTPS for the blog admin API, add a manual approval or draft-only step before publication, remove unsupported first-person testing claims unless you provide real review notes, and use dedicated low-privilege credentials for OpenAI, Sheets, SMTP, and the blog API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Missing User Warnings

Medium (91% confidence)

Finding
The skill automates scheduled publication of AI-generated content to a live blog, but the description does not prominently warn operators that activation can cause unattended writes to production. This increases the risk of accidental defacement, reputational damage, SEO poisoning, or publication of low-quality/hallucinated content if the workflow is enabled without safeguards.

Missing User Warnings

Medium (94% confidence)

Finding
The skill sends generated content and operational metadata to third-party services including OpenAI, Google Sheets, and likely SMTP/email, but it does not clearly warn users about those external data transfers. This can lead operators to expose unpublished content, prompts, article metadata, or contact information to external processors without informed consent or compliance review.

Missing User Warnings

Medium (90% confidence)

Finding
The workflow automatically publishes LLM-generated content to an admin API using an authentication key, with no visible review, confirmation, or moderation checkpoint. In a content pipeline, this creates a direct path for prompt-injected, hallucinated, defamatory, or policy-violating output to be pushed into production using privileged credentials.

VirusTotal

64/64 vendors flagged this skill as clean.
