ClawHub

Daily Digest

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only Gitee daily digest helper, with clear account-data access but somewhat broad activation wording.

Install only if you want an agent to read your configured Gitee account's notifications, pull requests, issues, and profile to produce a digest. Prefer explicit requests like 'show my Gitee daily digest,' and make sure the Gitee MCP server is scoped to accounts and repositories you are comfortable summarizing in chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description contains broad activation phrases such as "daily summary," "show my notifications," and "pending PRs and issues," which can match common user requests and cause the skill to trigger in situations where the user did not clearly consent to querying Gitee data. Because the skill accesses account notifications and repository activity, over-broad routing increases the chance of unintended data access and disclosure in the chat context.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to pull user notifications, pull requests, issues, and user identity details without a prominent user-facing warning that account and repository activity will be accessed. This can lead to surprise data exposure, especially if the skill is auto-invoked from broad prompts, because potentially sensitive work activity is aggregated and displayed without explicit notice at the skill interface.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal