Openclaw Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed AgentIzzy phone-agent API helper, but users should handle its call data, lead data, webhooks, and billing examples carefully.

Install only if you trust AgentIzzy with customer call recordings, transcripts, and lead PII. Use a dedicated API key, configure webhooks only to trusted HTTPS endpoints, confirm legal authority and caller notice/consent for recording and retention, and require account-owner confirmation before phone-number provisioning or paid-plan checkout.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 81%
Finding
The skill is presented as a phone-agent integration, but it also exposes billing and plan-upgrade operations that can trigger account-level financial actions. Expanding scope beyond core telephony increases the chance an agent or user invokes sensitive account management endpoints unintentionally.

Context-Inappropriate Capability

Medium
Confidence: 85%
Finding
Including billing usage and checkout capabilities is not necessary for retrieving calls, leads, or provisioning phone agents, yet it enables financially sensitive account changes. In an agentic workflow, unnecessary access to billing endpoints broadens the blast radius from operational automation to account spending.

Missing User Warnings

Medium
Confidence: 88%
Finding
The documentation encourages retrieval of full transcripts, recordings, phone numbers, emails, and lead notes, but does not prominently warn about privacy, consent, retention, or downstream handling obligations. Because this skill processes sensitive communications data, normalizing access without strong warnings can lead to misuse or non-compliant data exposure.

VirusTotal

67/67 vendors flagged this skill as clean.
