Dex

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Dex CRM integration, but it can read and change sensitive CRM records, so users should approve setup and destructive actions carefully.

Install this only if you trust Dex, the Dex MCP server, and the @getdex/cli package with your CRM data. Review which AI clients receive MCP access, keep the API key private, and require explicit confirmation before any bulk edit, deletion, merge, note creation, reminder creation, or contact update.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 92%
Finding
The reference explicitly documents multiple destructive operations such as deleting contacts, tags, groups, notes, reminders, and custom fields, but provides no warning that these actions are irreversible or should require extra confirmation. In a personal CRM skill, accidental invocation or automated misuse could lead to loss of relationship data, notes, reminders, and organizational metadata, making this a real safety issue even though it is not direct code execution.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger examples for meeting prep are broad enough that an agent may activate this workflow from ordinary conversational statements rather than an explicit request to access CRM data. In a personal CRM context, unintended activation can expose sensitive relationship history, notes, reminders, and custom-field data without sufficiently clear user intent.

Vague Triggers

Medium
Confidence: 90%
Finding
The post-meeting trigger includes a very common phrase ('I just met with X') that can appear in normal conversation without implying consent to write CRM notes, reminders, or contact updates. In this skill, that ambiguity is risky because it may cause unintended creation or modification of personal CRM records containing sensitive professional and personal information.

Missing User Warnings

Medium
Confidence: 91%
Finding
The reference documents multiple irreversible delete operations for tags, groups, notes, reminders, and custom fields, but only the contact deletion endpoint explicitly says to confirm with the user first. In an agent skill, inconsistent confirmation guidance creates a real risk that the assistant will perform destructive actions immediately based on ambiguous or mistaken prompts, leading to permanent data loss in the user's CRM.

VirusTotal

64/64 vendors flagged this skill as clean.