Intel Search — News, Earthquakes, Iran, Tech

Security checks across malware telemetry and agentic risk

Overview

This skill appears to fetch public World Monitor-style news and OSINT data, cache it locally, and search it, with no evidence of credential access, private-file indexing, exfiltration, or destructive behavior.

Install only if you want a Node/Playwright-based skill that fetches public World Monitor-related data and stores a local searchable cache. Run fetch/update commands intentionally, expect outbound network traffic and local storage under ~/.openclaw/intel-data/, and treat Telegram/Polymarket/OSINT results as unverified source material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The skill metadata presents this as a simplified search tool for news, earthquakes, Iran, tech, finance, and layoffs, but the fetch logic also captures and summarizes Telegram OSINT, Polymarket prediction-market data, and strategic risk endpoints. This scope expansion is risky because it silently gathers more sensitive and potentially surveillance-oriented intelligence data than users would reasonably expect, increasing privacy, trust, and policy-compliance concerns.

Missing User Warnings

Low
Confidence: 90%
Finding
The README tells users to run `node scripts/fetch.mjs` but does not disclose that this step performs outbound network requests and writes fetched content to a local data directory. In a skill ecosystem, undisclosed network and storage behavior reduces informed consent and can surprise users or agents operating in restricted environments, even though the described behavior is consistent with the skill's stated purpose.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill description contains very broad trigger phrases such as "what's new" and multiple open-ended topics, which can cause the skill to activate for many unrelated user requests. That increases the chance of unintended tool execution, including network/package installation steps, when the user did not specifically ask to use this skill or fetch external data.

Vague Triggers

Medium
Confidence: 93%
Finding
The "When to Use" section says to use the skill for news, regional topics, earthquakes, finance, layoffs, or any keyword, which is effectively unconstrained activation. In context, this is more dangerous because the skill's first-step fetch command performs npm install and Playwright installation, so accidental activation can trigger unnecessary code download and external access.

VirusTotal

64/64 vendors flagged this skill as clean.
