party-planner-pro

Security checks across malware telemetry and agentic risk

Overview

Party Planner Pro is a coherent local event-planning skill, but users should treat guest, dietary, venue, vendor, and budget data as sensitive.

Install only from a trusted copy, inspect the setup commands before letting an agent run them, and back up data before uninstalling. Share only the guest contact, allergy/dietary, address, vendor, and budget details needed for planning, and treat exported reports as private because they can summarize sensitive event information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Missing User Warnings

Medium
Confidence: 93%
Finding
The setup prompt instructs an agent to execute shell commands that create directories, copy files discovered via broad `find` patterns, change script permissions, and run a shell script, all without any confirmation, provenance checks, or safety warning. In an agent context, this is risky because the agent may perform filesystem modifications and execute unreviewed code automatically, increasing the chance of unintended or adversarial installation behavior.

Missing User Warnings

Medium
Confidence: 90%
Finding
The uninstall instructions include a recursive force delete of the skill directory and note backups only briefly, which can lead to irreversible data loss if executed carelessly or if the path is modified in a broader context. In agent-driven workflows, presenting destructive commands as copy-paste instructions without safeguards makes accidental deletion more likely.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill advertises activation for very broad party- and event-related requests, which can cause the agent to engage its file-handling and planning workflows when the user may only want casual advice. Over-broad invocation increases the chance of unnecessary collection or persistence of sensitive guest, budget, or vendor information.

Vague Triggers

Medium
Confidence: 89%
Finding
The example trigger phrases are generic enough to match ordinary conversation about parties or gatherings, which may invoke the skill outside the user's intent. Because the skill can read/write event data and handle personal information, accidental activation has meaningful privacy and integrity implications.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill is designed to collect and store sensitive personal data including guest names, contact details, addresses, allergies, and vendor information, but the top-level description does not clearly disclose local persistence or privacy implications up front. Users may share regulated or highly sensitive personal data without informed consent about storage.

Missing User Warnings

Medium
Confidence: 89%
Finding
The manifest defines storage for guest names, email addresses, phone numbers, dietary restrictions, allergies, and notes, which are sensitive personal data fields. Even though this file is only schema metadata, omitting any user-facing disclosure, consent, or data-handling guidance increases privacy risk because operators may collect health-related and contact information without adequately informing users or constraining its use.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script exports a shareable Markdown report that includes potentially sensitive personal and event information such as guest counts, dietary restrictions, venue details, task assignments, and vendor data, but it provides no warning, consent step, or redaction option before generating the file. In the context of an agent skill, this increases the risk of unintended disclosure because users may not realize the report is designed for sharing and may expose private planning data if the file is sent onward.

VirusTotal

66/66 vendors flagged this skill as clean.
