Tax Professional

Security checks across malware telemetry and agentic risk

Overview

This tax helper is mostly coherent, but it asks for sensitive tax records and includes persistent Telegram reminder commands without strong user consent or privacy framing.

Install only if you are comfortable with the skill reading tax context from USER.md, storing tax and expense records in the workspace, and potentially using other skill data for deduction analysis. Do not set up the Telegram cron reminders unless you explicitly want tax-related messages sent to that service, and review how to remove those scheduled jobs. Verify important tax positions with current IRS guidance or a qualified tax professional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
The skill is framed as a broadly applicable tax advisor and includes generic trigger examples like mentioning purchases, expenses, life events, or tax questions. That broad scope can cause the agent to activate on ordinary conversation and begin giving tax guidance or storing data without a sufficiently explicit user action boundary, increasing the risk of over-collection and unintended advice.

Missing User Warnings

Severity: High
Confidence: 95%
Finding
The skill instructs the agent to persist detailed financial and tax records, including expenses, estimated tax payments, filing context, and related personal tax data, but it does not require a clear user-facing notice or consent step before storage. Because tax data is highly sensitive, silent persistence creates significant privacy and confidentiality risk if the workspace is shared, synced, or later accessed by other tools.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill provides commands to send tax reminder messages through Telegram via cron without prominently warning that tax-related content and timing metadata will be transmitted to an external messaging service. Even if the messages seem generic, they can reveal that the user has tax obligations, filing status, or business activity, which is sensitive financial information.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
This file presents a broad list of deductions in authoritative language without a clear disclaimer that eligibility is highly fact-specific, time-bounded, and subject to exceptions, documentation rules, and changing tax law. In a tax-advice skill, users are likely to rely on these bullets directly and may incorrectly claim deductions, increasing risk of underpayment, penalties, audit exposure, or inaccurate filings.

VirusTotal

64/64 vendors flagged this skill as clean.