ClawHub

Get笔记炼金术

Security checks across malware telemetry and agentic risk

Overview

This skill openly handles private Get笔记录音 and archives distilled, privacy-reviewed results to Feishu, so it is coherent but should be configured carefully.

Install only if you want an agent to read private Get笔记录音 and archive distilled outputs into Feishu, with optional IMA or Feishu wiki sync. Keep scheduled scanning off unless you truly want automatic processing, verify the destination Feishu workspace and permissions, and manually review redaction results before syncing legal, client, financial, medical, or business-strategy recordings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are broad enough that ordinary requests about handling recordings could invoke a workflow that fetches note content, performs privacy review, and writes derived data to external systems. Because this skill processes highly sensitive transcripts from lawyers, consultants, and sales staff, accidental activation can lead to unintended collection, transformation, and storage of confidential information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes automatic creation of Feishu tables and use of local config/tracking files, but does not provide a clear upfront warning that normal use writes derived content and metadata to external platforms and local files. In a workflow handling transcripts that may contain case details, client identities, strategies, and other regulated or confidential data, insufficient disclosure materially increases the risk of users authorizing data export without informed consent.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation states that the skill will automatically create a Feishu Bitable app and persist returned identifiers into local configuration without mentioning user confirmation, preview, or rollback. In an automation skill that processes notes and syncs to external systems, silent creation/modification of remote resources and local state can cause unauthorized changes, misconfiguration, and accidental data exposure if triggered unexpectedly.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
Documenting writes to config.json and processed_notes.json without warning or consent is a real safety issue because these files affect future behavior and may store sensitive integration metadata such as app tokens, table IDs, or processing state. In this skill's context, modifying persistence files can silently alter synchronization targets, mask prior processing, or broaden the impact of a mistaken or malicious run across subsequent executions.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal