ClawHub

Office Hour Legends

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned but should be reviewed because it can access sensitive meeting transcripts and save derived notes without a strong consent or retention gate.

Install only if you are comfortable letting the agent access Fathom meeting metadata and, after selection, full transcripts. Avoid using it on meetings with confidential third-party content unless participants consent and you are comfortable with local session notes being saved. Prefer a no-save or manual-save workflow for sensitive calls, and review any Bookface or credential setup separately before enabling optional private-source research.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README describes fetching and processing full meeting transcripts, participant names, AI summaries, and action items from Fathom, but the user-facing flow emphasizes convenience rather than explicit privacy, consent, retention, or sharing warnings. Because transcripts can contain sensitive business, personal, or third-party information, unclear disclosure increases the risk of unauthorized or overbroad processing, especially for meetings involving other participants who may not expect their content to be ingested into an AI workflow.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger phrases are broad enough that the skill could activate on generic requests like 'review my pitch' or 'brainstorm with <legend>' without the user intending persona simulation or transcript access. In this skill, unintended activation is more dangerous because it can lead to loading local persona files, optional web research, and transcript workflows involving sensitive business conversations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs retrieval of Fathom meeting data and saving session documents, but it does not require a clear user-facing warning that sensitive transcript content and derived notes may be accessed, processed, and persisted locally. This is risky because meetings may contain confidential fundraising, customer, or personnel information, and persistence increases the blast radius of accidental disclosure.

Session Persistence

Medium
Category
Rogue Agent
Content
- Read
  - Grep
  - Glob
  - Write
  - Edit
  - AskUserQuestion
  - WebSearch
Confidence
88% confidence
Finding
Write - Edit - AskUserQuestion - WebSearch - WebFetch - Bash(~/.claude

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal