ClawHub

slack-1

Security checks across malware telemetry and agentic risk

Overview

This appears to be a straightforward Slack bot skill, with privacy-sensitive Slack access that users should scope carefully.

Install only in workspaces and channels where bot access is appropriate. Use least-privilege Slack scopes, restrict channel membership, avoid asking the agent to read more message history or member data than needed, and treat retrieved Slack content as confidential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill allows reading recent messages and retrieving member information through the bot token, but does not warn about privacy, data sensitivity, or scope of access. That omission can lead an agent to over-collect or disclose Slack data without clear necessity, increasing the risk of privacy violations and unauthorized exposure of internal communications or identity details.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill allows reading recent messages and retrieving member information through the bot token, but does not warn about privacy, data sensitivity, or scope of access. That omission can lead an agent to over-collect or disclose Slack data without clear necessity, increasing the risk of privacy violations and unauthorized exposure of internal communications or identity details.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal