Help.Center Article Management

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Help.Center management skill whose API access and content-changing abilities are disclosed and aligned with its purpose, but users should handle credentials and publication carefully.

Install this only if you want an agent to manage Help.Center content. Use the narrowest API key scopes needed, avoid publish or delete permissions unless required, confirm ambiguous documentation requests, sanitize any SVG or uploaded media, and review drafts before approving publication.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README uses very broad natural-language triggers such as 'write a help article' or 'update the FAQ' without defining approval gates, scope limits, or when the agent should require explicit confirmation. In a skill that can modify and publish external content, this can cause the agent to invoke the skill too eagerly and perform unintended user-visible actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README advertises creating, updating, publishing, and unpublishing help center content but does not warn that these actions are externally visible, potentially destructive, or require elevated trust. Because the skill manages production documentation, omission of safety warnings increases the chance that an agent will make unauthorized or accidental changes to public-facing content.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger description is broad enough to match generic requests like "write a help article" or "update the docs" without requiring a strong Help.Center-specific signal. That can cause the skill to activate in the wrong context and steer users toward external API operations or credential collection for tasks that were meant for another documentation system.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill asks the user to provide an API key and center ID and instructs storing them as session environment variables, but it does not include an explicit warning about safe credential handling, least-privilege scopes, redaction, or not pasting secrets into insecure channels. In an agent setting, this increases the risk of unnecessary secret exposure and unsafe reuse of powerful credentials.

External Transmission

Medium
Category
Data Exfiltration
Content
### Creating a category:
```bash
curl -s -X POST \
  -H "Authorization: Bearer $HC_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
78% confidence
Finding
curl -s -X POST \ -H "Authorization: Bearer $HC_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "name": "Getting Started", "description": "Articles for new users", "icon": "<s

External Transmission

Medium
Category
Data Exfiltration
Content
"icon": "<svg>...</svg>",  // Optional custom SVG icon
    "parent_id": "parent-cat-id"  // Optional, for subcategories
  }' \
  "https://api.help.center/v0/centers/$HC_CENTER_ID/articles/categories"
```

### Updating a category:
Confidence
80% confidence
Finding
https://api.help.center/

VirusTotal

64/64 vendors flagged this skill as clean.
