ClawHub

OEE Social Research

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its social-research purpose, but it sends queries to several third-party services, stores research terms locally, and has an import path issue that could load code outside the reviewed files.

Review before installing. Use it only for topics you are comfortable sending to public search/social services, and assume research terms and resulting briefings may remain on disk under the skill directory. Also verify the installed package layout so it imports the bundled fxtwitter.py rather than an unrelated ravens module.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Medium
Confidence
82% confidence
Finding
The docstring says Tier 2/3 network calls are bypassed, which suggests reduced network activity, but the function still performs `lookup_tweet` calls that may contact FxTwitter. In an agent skill, misleading claims about network behavior can cause operators to expose topics or data externally when they believe processing is local-only or pre-fetched-only.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases include very common conversational language such as "what are people saying about" and "what's the buzz on," which can cause the skill to activate unexpectedly during normal user interactions. In an agent environment, this can lead to unintentional social-media retrieval, web searching, and possible browser scraping, expanding data exposure and external network activity without clear user intent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The description explains the retrieval tiers but does not warn users that the skill may perform browser scraping and store cached results and briefings locally. This omission weakens informed consent and makes it easier for an agent or user to invoke external fetching and local persistence without realizing the privacy, compliance, and data-retention implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
User search queries are written to local log files without consent or a clear warning. In this skill's context, topics may include sensitive investigations, internal interests, or personal data, so persistent logging creates privacy, insider-risk, and forensic exposure beyond the user's apparent request.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill caches both raw query strings and retrieved results to disk automatically. Because this is a social research/intel collection tool, cached content can reveal what was investigated and preserve third-party content locally, increasing privacy and data-handling risk if the host is shared or compromised.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The generated briefing is always saved to disk without prior notice. Since briefings summarize potentially sensitive investigative topics and selected social content, automatic persistence may leak analyst intent or collected intelligence to other local users, backups, or incident responders.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal