What Should We Do?

Security checks across malware telemetry and agentic risk

Overview

This activity-planning skill is coherent, but it asks for calendar, reminder, contact, and messaging powers that deserve careful review before installation.

Install only if you want an activity planner that can remember personal and group preferences, store contact details, and potentially use calendar, Telegram/message, and cron tools. Before allowing it to act, require the agent to show the exact calendar event, recipients, invite/reminder text, and any data it will store or send, and periodically review or delete data/whatdo/preferences.json and history.json.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 84%
Finding
The skill advertises many broad, everyday trigger phrases such as boredom- and planning-related language that could match ordinary conversation and invoke the skill unexpectedly. That increases the chance of collecting personal context, reading local files, or initiating planning flows when the user did not intend to engage this skill.

Vague Triggers

Medium
Confidence: 88%
Finding
The quick-reference list includes ambiguous phrases like 'bored', 'movie night', and 'send invites' without strong scoping or confirmation requirements. In practice, this can cause unintended invocation or direct transitions into sensitive flows involving personal data, contacts, reminders, or messages.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill stores sensitive preference and contact data, including dietary data, group membership, phone numbers, email addresses, Telegram handles, routines, and history, but the description does not prominently disclose this upfront. Users may unknowingly provide or permit retention of personal and third-party data without informed consent.

Missing User Warnings

Medium
Confidence: 90%
Finding
The calendar and reminder functionality can create events and schedule notifications through external services, but the skill does not present a prominent warning about external data sharing and event creation before describing these capabilities. This can lead to users unintentionally authorizing disclosure of schedules, locations, attendee emails, and event details to third-party services.

Missing User Warnings

High
Confidence: 96%
Finding
The invite and RSVP features use stored third-party contact details to send messages and reminders, yet there is no clear warning about contacting other people or processing their personal data. This creates a meaningful privacy and abuse risk because the agent could message third parties, track responses, and store attendance data without those individuals' knowledge or consent.

VirusTotal

65/65 vendors flagged this skill as clean.
