Newsletter Curation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent newsletter-writing skill that uses a third-party CLI, with visible but manageable risks around installer trust and external posting commands.

Install only if you trust inference.sh and are comfortable reviewing its installer or using the manual checksum path. Review every proposed infsh command before running it, especially x/post-create or anything that could publish publicly, and avoid sending confidential topics, subscriber data, or sensitive business plans to external search or generation apps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The quick-start instructs users to pipe a remote script directly into the shell, which creates a supply-chain and arbitrary code execution risk if the remote endpoint, CDN, DNS, TLS trust chain, or published script is compromised. The adjacent install note attempts to reassure users about installer behavior, but that claim is not enforced by the command itself and may reduce appropriate caution.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation demonstrates social-media post creation without a clear warning that the content may be sent to an external publishing workflow, which can surprise users and increase the risk of unintended public disclosure or reputational harm. In an agent setting, examples strongly shape behavior, so missing user-facing warnings around outward communication is materially risky.

VirusTotal

66/66 vendors flagged this skill as clean.
