News Daily Local

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says by sending RSS news to Feishu, but its script disables HTTPS certificate checks while using a webhook secret.

Review before installing. Use only a Feishu webhook you are comfortable dedicating to this automation, store it as a protected environment variable rather than a checked-in config file, and fix the script to use normal TLS certificate verification before scheduling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation instructs users to run a Python script that reads configuration, consumes an environment variable, and performs network requests to RSS feeds and a Feishu webhook, yet the skill declares no permissions. This creates a transparency and review gap: operators may install and schedule code with broader capabilities than the manifest communicates, increasing the chance of unintended data access or outbound communication going unnoticed.

Context-Inappropriate Capability

Severity: Medium
Confidence: 99%
Finding: The script globally disables TLS certificate and hostname verification, then reuses that insecure SSL context for both RSS downloads and the Feishu webhook POST. This allows a man-in-the-middle attacker to intercept or modify fetched news content and potentially redirect or observe webhook traffic, defeating HTTPS protections.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The README instructs users to place a Feishu bot webhook URL directly into a local config file but does not identify it as a secret or warn against committing it, sharing it, or leaving it with broad filesystem permissions. Webhook URLs function as bearer credentials for message sending, so exposure can let an attacker spam the group, send phishing content, or abuse the bot channel.

Missing User Warnings

Severity: Medium
Confidence: 99%
Finding: Disabling SSL verification for all outbound HTTPS requests silently removes transport authenticity and integrity guarantees. Because the script fetches remote content and sends messages to an external webhook, an attacker on the network path can tamper with inputs or interfere with outbound delivery without the user being warned.

VirusTotal

66/66 vendors flagged this skill as clean.
