ClawHub

Prospector Lite — B2B Outreach Framework

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate B2B outreach skill, but it needs review because it can read mailbox context and send recurring cold emails without clear approval boundaries.

Install only if you intend to let an agent conduct B2B cold outreach. Use a dedicated sending account or labeled mailbox, review recipients and drafts before live sends, disable or tightly control the cron, and make sure your use complies with anti-spam, privacy, and opt-out requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill metadata uses very broad trigger language such as 'any request to research and contact potential customers,' which can cause the skill to activate in situations the user did not explicitly intend as sales outreach. Because this skill includes instructions for external communications and inbox processing, overbroad activation increases the chance of unsolicited outreach or access to sensitive email context without clear user consent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
These instructions direct the agent to inspect inbox replies and bounce messages as a mandatory first step, but they provide no privacy boundary, minimization rule, or confirmation requirement. That can expose unrelated or sensitive mailbox content to the agent during ordinary skill execution, especially if the mailbox contains personal, confidential, or regulated communications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The cron setup instructs the agent to autonomously send outreach emails and BCC an address without an explicit user-facing warning or per-run confirmation for external communications. Autonomous outbound messaging creates material risk of unauthorized contact, spam/compliance issues, disclosure of business intent to third parties, and unnecessary copying of message content to the BCC recipient.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal