ClawHub

Solidot 资讯推送

Security checks across malware telemetry and agentic risk

Overview

This skill fetches Solidot headlines and saves or sends them to Feishu, which matches its stated purpose.

Install this only if you want Solidot headlines collected and optionally written to a Feishu document. Use a token scoped to the intended document, expect $WORKSPACE/solidot-push.md to be overwritten when no token is set, and add the cron job only if you want recurring daily execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation describes network access to Solidot, use of environment variables, and optional pushing to a Feishu document, but it does not declare corresponding permissions. Missing permission declarations can prevent informed consent and make downstream systems underestimate the skill's ability to access external services and use sensitive configuration like tokens.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill docs do not clearly warn that running the script may overwrite a local workspace file and may publish content to a Feishu document when a token is present. This is a transparency and safety issue because users may trigger data writes or external publication without understanding the side effects.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script transmits collected content to a remote Feishu document when FEISHU_DOC_TOKEN is set, but it does not present an explicit, user-facing warning or confirmation at the point of exfiltration. In an agent skill context, silent off-host writes can surprise users and may disclose browsing-derived data to third-party services without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal