Appointment Booking System

Security checks across malware telemetry and agentic risk

Overview

This booking automation is coherent, but it needs review because public webhooks can create or change appointments and it handles customer contact and appointment data with limited safeguards.

Install only after securing the n8n webhooks, especially booking/confirm, with authentication or signed expiring per-booking tokens. Use dedicated Google Sheets and SMTP credentials, restrict sheet and inbox access, define retention/privacy rules, sanitize free-form notes before putting them in email HTML, and test the no-show workflow before enabling scheduled runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill processes personally identifiable information and potentially sensitive appointment data including names, email addresses, phone numbers, service details, notes, and attendance status, but provides no privacy, retention, access control, or regulatory compliance guidance. In contexts like clinics or other service businesses, this can lead to insecure handling, overcollection, unintended disclosure, and noncompliance with privacy obligations.

Vague Triggers

Medium
Confidence: 95%
Finding
The workflow exposes a public POST webhook at `booking/new` with no authentication, signature validation, secret token, IP restriction, rate limiting, or other invocation constraint shown in the workflow. In this appointment-booking context, that enables anyone who discovers the endpoint to submit arbitrary bookings, spam staff/client email flows, and pollute the Google Sheets backend with attacker-controlled data.

Missing User Warnings

Medium
Confidence: 97%
Finding
The webhook allows anyone who can reach the endpoint to change a booking's status by supplying only a booking_id and action, with no authentication, authorization, signature verification, or confirmation step. In this appointment-booking context, that means attackers could confirm or cancel arbitrary appointments, causing service disruption, no-shows, lost revenue, and integrity damage to the scheduling data stored in Google Sheets.

VirusTotal

66/66 vendors flagged this skill as clean.
