Podcast Transcript Mining Authority Positioning

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it asks for several external integrations that can send or publish transcript-derived business content without enough scoping or approval guidance.

Review this before installing if your transcripts include client, strategy, or private business discussions. Use dedicated least-privilege keys, a restricted Slack channel, and draft-only WordPress credentials where possible. Do not connect Zapier or publishing credentials unless you are prepared to manually approve what leaves the local agent and what may become public.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill declares Slack webhook access as a required capability even though transcript mining and authority-positioning can function without outbound team-notification privileges. Requiring a webhook broadens the attack surface and creates a path for unauthorized data exfiltration of transcript contents, derived summaries, or metadata to an external destination.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
Zapier automation is not necessary for transcript analysis and pitch generation, and it can relay data into arbitrary downstream workflows. That makes the skill materially more dangerous because transcript data, contact details, or generated outreach content could be forwarded to many external services without clear boundary controls.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
Zapier automation is not necessary for transcript analysis and pitch generation, and it can relay data into arbitrary downstream workflows. That makes the skill materially more dangerous because transcript data, contact details, or generated outreach content could be forwarded to many external services without clear boundary controls.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
Direct WordPress REST API integration gives the skill outbound write capability to an external system, which exceeds the minimal needs of mining transcripts. If abused or misconfigured, it could publish inaccurate, confidential, or prompt-injected content directly to a production website.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill lists multiple third-party integrations but does not warn users that transcripts, summaries, or other business-sensitive content may be transmitted outside the local environment. This is a security and privacy weakness because users may unknowingly expose confidential conversations, client information, or proprietary strategy to external processors.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The configuration section requests sensitive API keys and webhook URLs without accompanying guidance on storage, masking, rotation, or non-disclosure. That omission raises the risk of credential leakage through logs, prompts, screenshots, or accidental publication, which could enable unauthorized API use or external message delivery.

VirusTotal

66/66 vendors flagged this skill as clean.
