ClawHub

Pub Gog

Security checks across malware telemetry and agentic risk

Overview

This skill is a broad third-party AI/API gateway with email and SMS sending examples, but its Google Workspace framing and lack of privacy or confirmation guidance need review before use.

Install only if you intend to use SkillBoss/HeyBoss as a broad third-party AI and automation gateway, not just a Google Workspace CLI. Use a dedicated limited API key if possible, avoid submitting confidential documents, audio, images, prompts, phone numbers, or OTP codes unless the provider terms are acceptable, and require explicit approval before any email, SMS, batch send, or remote file download.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documents outbound email and SMS/OTP actions but provides no guardrails requiring explicit user authorization, recipient verification, or warnings that data will be transmitted to third-party services. In an agent context, these are high-risk side-effecting operations that can enable spam, unauthorized messaging, or transmission of sensitive data if invoked from ambiguous prompts.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill advertises chat, scraping/search, document parsing, speech, and media APIs that send user-provided content to an external aggregation service and potentially onward to multiple model providers, yet it omits any privacy or data-handling warning. This increases the risk that users or downstream agents submit sensitive text, documents, audio, images, or URLs without understanding the external exposure.

External Transmission

Medium
Category
Data Exfiltration
Content
## Email

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
92% confidence
Finding
curl -s -X POST https://api.heybossai.com/v1/run \ -H "Authorization: Bearer $SKILLBOSS_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model": "email/send", "inputs": {"to": "us

External Transmission

Medium
Category
Data Exfiltration
Content
## Document Processing

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
88% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## Email

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
92% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Send OTP:

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
94% confidence
Finding
https://api.heybossai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Verify OTP:

```bash
curl -s -X POST https://api.heybossai.com/v1/run \
  -H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
90% confidence
Finding
https://api.heybossai.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal