ClawHub

B2b Lead Engine

Security checks across malware telemetry and agentic risk

Overview

This instruction-only B2B lead skill is not malware, but it directs LinkedIn/social-graph mining, contact enrichment, personality profiling, and outreach with weak privacy and compliance guardrails.

Install only if you are comfortable with an agent researching public professional profiles for sales prospecting. Do not provide logged-in LinkedIn/session access or use enrichment tools unless you have authorization, a lawful basis, lead-count limits, and retention/deletion rules. Review every generated profile and outreach message before use, and avoid inferred personality claims or contact methods that may violate platform rules or anti-spam/privacy laws.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Context-Inappropriate Capability

High
Confidence
96% confidence
Finding
The skill explicitly instructs systematic collection of third-party LinkedIn connections, social activity, and personality traits to build prospect lists and outreach material. In context, this goes beyond generic lead generation into surveillance-style profiling of identifiable individuals, increasing privacy, platform-terms, and abuse risk.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill directs acquisition of direct contact details and even infers email address patterns for specific people, enabling targeted outreach to individuals who may not have consented to contact discovery or solicitation. This materially increases privacy and spam abuse risk beyond simple lead discovery.

Context-Inappropriate Capability

Medium
Confidence
85% confidence
Finding
The prescribed multi-touch follow-up cadence operationalizes outreach campaigns, turning the skill from analysis support into actionable solicitation playbooks. While common in sales contexts, embedding execution guidance alongside harvested personal data increases the risk of spammy or non-consensual outreach.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill instructs collecting contact details and work emails without any user-facing privacy or data-handling warning. In a skill centered on identifying and contacting real individuals, omission of consent, lawful basis, retention, and anti-spam constraints makes misuse significantly more likely.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill provides a repeatable workflow for mining LinkedIn connections and behavioral data, yet gives no meaningful warning about privacy, platform restrictions, or risks to targeted individuals. In this context, the lack of safeguards makes a sensitive profiling workflow materially more dangerous.

Ssd 3

Medium
Confidence
95% confidence
Finding
The skill directs compilation of personal contact details and behavioral/personality profiles into structured deliverables, enabling targeted social engineering and persistent records about identifiable people. In a sales-prospecting context, this creates a concrete privacy and misuse risk because the output is operationally ready for outreach.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill tells the agent to harvest competitors' sales connections and convert identifiable people into prospect lists, effectively treating social graphs as a source of exploitable leads. This is especially risky because it systematizes collection of third-party relationship data for competitive targeting, which can violate privacy expectations and platform rules.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal