Salesforce

Security checks across malware telemetry and agentic risk

Overview

This Salesforce skill is coherent but needs Review because it can read, export, and change sensitive CRM records using the user's Salesforce CLI login without clear guardrails.

Install only if you are comfortable letting an agent use your Salesforce CLI session. Before use, verify the target org, prefer a sandbox or least-privilege account, and require explicit approval before exports, imports, bulk upserts, or any record-changing command. Treat contact details, account notes, opportunity descriptions, and pipeline exports as confidential business data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The manifest description includes very broad trigger phrases such as CRM data, account info, deal lookup, and prospect email, which overlap with ordinary business requests and can cause the skill to activate in contexts broader than a user's clear intent. Over-broad invocation increases the chance the agent routes routine or sensitive business tasks into a skill that can query and modify Salesforce data, expanding access to CRM records unnecessarily.

Missing User Warnings

Medium
Confidence: 95%
Finding
This section explicitly guides users to retrieve contact emails, account details, deal data, and cross-reference or export that information into other tools without any warning about sensitive CRM data handling, least-privilege use, or policy checks. Because Salesforce commonly contains personal and commercially sensitive information, normalizing outreach, export, and cross-tool transfer workflows can lead to unauthorized disclosure, privacy violations, or excessive sharing outside the source system.

Missing User Warnings

Medium
Confidence: 86%
Finding
The export template pulls broad opportunity data including free-text fields such as NextStep and Description, which often contain sensitive business information, customer details, internal strategy, or personal data. In a skill explicitly designed for CRM querying and exports, providing this query as a ready-to-use template without any warning, minimization guidance, or handling precautions increases the likelihood of unnecessary bulk exposure and downstream leakage.

VirusTotal

66/66 vendors flagged this skill as clean.
