ClawHub

Claw Me Maybe - Beeper Desktop API & Multi-Platform Messaging

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Beeper messaging integration, but it can read and act on messages across connected chat accounts if you enable it.

Install only if you are comfortable letting Clawdbot access your local Beeper Desktop API and connected messaging accounts. Treat BEEPER_ACCESS_TOKEN like a password, scope your requests to specific chats or time ranges, and confirm the recipient, service, and message text before sending or changing chat state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill advertises very broad natural-language triggers such as generic requests to show unread messages, search chats, or send messages. In an agent environment, this can cause accidental invocation for ordinary messaging-related prompts, leading the skill to access private message history or take actions like sending or marking messages as read without a clearly scoped confirmation boundary.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The introductory capability description emphasizes convenience but does not clearly warn that the skill can read message history, search across all connected networks, access contacts, and expose sensitive personal or business communications. Because the integrated services include highly sensitive platforms like WhatsApp, Signal, Slack, and iMessage, users may underestimate the privacy implications of enabling the skill.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description highlights capabilities like sending messages, reacting, reminders, and marking chats as read, but it does not prominently warn that these are actions performed on the user's behalf and can alter chat state or communicate externally. In a conversational agent setting, insufficient warning increases the risk of unintended outbound messages or irreversible state changes from ambiguous user requests.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal