ThreadClaw FastAPI (Queue + Publish)

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Threads publishing through a FastAPI backend, but its activation and data-sharing scope need review before use.

Install only if you control and trust the configured FastAPI backend. Before use, narrow activation to explicit Threads requests, require confirmation before queueing, scheduling, or publishing, and review what user, tenant, chat, or session metadata the backend receives and stores.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (87% confidence)
Finding
The README instructs the agent to invoke the skill for broad user requests to generate, queue, schedule, or publish content, without clearly constraining activation to explicit Threads-related intent. This can cause overbroad triggering on generic content-generation requests and result in unintended backend calls that enqueue or publish social media content under the user's account or tenant.

Vague Triggers

Medium (87% confidence)
Finding
The trigger text is broad enough that ordinary user requests to generate, queue, schedule, or publish content could invoke this skill without the user clearly intending to send data to an external backend. Because the skill can transmit content and metadata to a configured FastAPI service, overbroad invocation increases the chance of unintended data disclosure or unintended posting actions.

Missing User Warnings

Medium (93% confidence)
Finding
The documented payloads include potentially sensitive metadata such as chat_id, user_id, username, tenant_id, and session identifiers, but the skill does not clearly warn that this information will be transmitted to the backend. Users or operators may therefore disclose more identifying information than necessary, creating privacy and data-handling risks if the backend logs, stores, or forwards that metadata.

VirusTotal

63/63 vendors flagged this skill as clean.
