ClawHub
Back to skill

Security audit

🗞️ Crypto Daily Briefing - 币圈每日简报

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed crypto briefing skill, but it can send generated content to a fixed Feishu recipient without clear per-request user control.

Install only if you understand and control the Feishu destination. Confirm or remove the hardcoded open_id, require confirmation before sending messages, and verify the referenced miaoda-studio-cli before allowing the skill to run searches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad, common requests like “生成简报” and “每日行情,” making accidental activation likely in ordinary conversation. Because the skill performs external searches and may later push results outward, unintended triggering can cause unnecessary data processing and downstream disclosure risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill states that generated briefings may be pushed to Feishu but does not clearly warn the user at request time that content will be transmitted to an external service. This creates a privacy and data-handling risk because user-requested content and possibly surrounding context could be sent off-platform without informed consent.

Ssd 3

Medium
Confidence
98% confidence
Finding
The skill instructs automatic delivery of generated content to a fixed Feishu open_id without an explicit confirmation step. Sending content to a hard-coded external recipient is a significant data exfiltration risk, especially if user prompts, generated analysis, or embedded context are included and the recipient identity is not re-verified each time.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal