TRMNL Display

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent TRMNL display helper that sends user-created display content through the TRMNL CLI, with ordinary cautions around global npm installation and webhook privacy.

Install it only if you intend to use a TRMNL display or plugin. Treat the custom plugin webhook URL as a secret (a webhook URL typically acts as a bearer credential: anyone who holds it can push content to the device), pin the npm CLI to a specific version rather than installing `@latest`, and ask the agent to preview or validate content before it sends anything private or important.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium severity, 92% confidence
Finding
The skill description uses broad trigger phrases like 'send messages', 'show notifications', and 'update their terminal display', which could cause the agent to invoke this skill for generic requests unrelated to a TRMNL device. In an agent environment, over-broad matching increases the chance of unintended external actions, especially because this skill is capable of transmitting generated content via a CLI to a configured webhook/device.

Missing User Warnings

Medium severity, 95% confidence
Finding
The workflow instructs the agent to write content to a file and send it to a device/webhook, but it does not clearly warn that this transmits data outside the local environment. Because the skill also says 'Minimal confirmation only' and 'Do NOT echo content back to chat,' users may not realize what content is being sent or where it is going.

Missing User Warnings

Medium severity, 92% confidence
Finding
The documentation explicitly exposes user-identifying Liquid variables such as first name, last name, and email without any privacy guidance, minimization advice, or warning about rendering or transmitting personal data. In a skill whose purpose is to generate display content and send it to an external webhook, this increases the risk that downstream templates will unnecessarily include PII on devices, logs, screenshots, or shared displays.
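A pre-send check that addresses the two "Missing User Warnings" findings together: it shows the user exactly what is about to leave the machine, flags Liquid output tags that reference personal data and any literal e-mail addresses already in the content, and refuses to proceed (or offers a redacted copy) until the content is clean and the user has explicitly confirmed. This is an added example, not code from the TRMNL skill, the TRMNL CLI or the SkillSpector report. The variable names (`trmnl.user.first_name`, `trmnl.user.email`), the sample template and the PII name list are constructed for illustration and may not match the names a real TRMNL template exposes.

```python
"""Pre-send privacy check for agent-generated TRMNL display content.

Added example (not part of the TRMNL skill or CLI). Assumes the agent writes
a Liquid template ({{ ... }} output tags) to a file and then hands it to a CLI
that forwards it to a device/webhook. Run this on the file before that step.
"""
import re
from dataclasses import dataclass, field

# Liquid output tag: {{ expression | filter | filter ... }}
LIQUID_OUTPUT = re.compile(r"\{\{\s*(.*?)\s*\}\}", re.S)

# Name fragments that usually denote personal data. The exact variable names a
# TRMNL template exposes are an assumption here; extend the tuple for your setup.
PII_NAME_PARTS = ("first_name", "last_name", "email", "phone", "address")

# Literal e-mail addresses already baked into the content (no template needed to leak them).
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


@dataclass
class Report:
    pii_variables: list = field(default_factory=list)
    literal_emails: list = field(default_factory=list)

    @property
    def clean(self) -> bool:
        return not (self.pii_variables or self.literal_emails)


def _variable_path(expr: str) -> str:
    """Strip Liquid filters, keeping only the variable path, e.g. 'trmnl.user.email'."""
    return expr.split("|", 1)[0].strip()


def _is_pii(var: str) -> bool:
    low = var.lower()
    return any(part in low for part in PII_NAME_PARTS)


def scan_template(template: str) -> Report:
    """List PII-bearing output tags and literal e-mail addresses in the template."""
    report = Report()
    for expr in LIQUID_OUTPUT.findall(template):
        var = _variable_path(expr)
        if _is_pii(var):
            report.pii_variables.append(var)
    report.literal_emails.extend(EMAIL_RE.findall(template))
    return report


def redact(template: str) -> str:
    """Replace PII-bearing output tags with a placeholder so the layout still
    renders without putting personal data on the device, its logs or screenshots."""
    def sub(m: re.Match) -> str:
        return "[redacted]" if _is_pii(_variable_path(m.group(1))) else m.group(0)
    return LIQUID_OUTPUT.sub(sub, template)


def preview_and_confirm(template: str, ask=input) -> bool:
    """Print what would be transmitted and require an explicit 'yes'.

    Returns True only for content with no PII findings that the user confirmed;
    the caller should invoke the CLI only on True. `ask` is injectable for tests.
    """
    report = scan_template(template)
    print("--- content that would be sent to the device/webhook ---")
    print(template, end="")
    print("---")
    if not report.clean:
        print("PII-bearing variables :", ", ".join(report.pii_variables) or "-")
        print("Literal e-mail values :", ", ".join(report.literal_emails) or "-")
        print("Refusing to send. Redacted version:\n" + redact(template))
        return False
    return ask("Send this content to the device/webhook? [yes/no] ").strip().lower() == "yes"


# Constructed sample template; variable names are assumptions, not TRMNL's documented ones.
SAMPLE = """<div class="title">Hello, {{ trmnl.user.first_name }}</div>
<p>Logged in as {{ trmnl.user.email | downcase }}</p>
<p>{{ temperature }}°F at {{ city }}</p>
<p>Contact: ops@example.org</p>
"""

if __name__ == "__main__":
    preview_and_confirm(SAMPLE)
```

Point the agent's workflow at this (or an equivalent) step before the CLI call so the "Minimal confirmation only" and "Do NOT echo content back to chat" instructions cannot hide what is being transmitted; the user sees the exact payload, and anything touching `first_name`, `email` and similar never reaches the device unredacted.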

VirusTotal

66/66 vendors flagged this skill as clean.