Back to skill

Security audit

Claw Me Maybe - Beeper Desktop API & Multi-Platform Messaging

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Beeper Desktop API integration that can read and change messages across connected chat accounts, so it is sensitive but coherent with its stated purpose.

Install only if you want Clawdbot to access your local Beeper Desktop API and linked messaging accounts. Treat BEEPER_ACCESS_TOKEN like a password, keep the API local unless you intentionally change it, and confirm recipient, platform, message text, and bulk actions before sending or changing chat state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill invites broad natural-language requests such as sending messages, searching chats, and marking chats read across many personal and work platforms without strong scope constraints or confirmation guidance. In an agent setting, this increases the risk of overbroad activation and unintended actions on sensitive communications or accounts.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The manifest description is very broad and advertises generic messaging automation across many platforms, which can cause an agent to match or invoke the skill for loosely related requests. Because the skill can read and modify personal communications, ambiguous trigger language expands the chance of unintended access or outbound actions.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The capability description enthusiastically promotes cross-platform messaging and inbox actions but does not prominently warn that the skill can send, react to, mark read, and otherwise modify communications across personal and work accounts. In a multi-account messaging context, insufficient disclosure can lead to accidental high-impact actions affecting privacy, business communications, and message integrity.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.