ClawHub

Signalgrid Activity

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends user-requested live activity notifications through Signalgrid, with some documentation and reliability caveats but no evidence of hidden or harmful behavior.

Install only if you are comfortable storing a Signalgrid key/channel in OpenClaw, enabling the required tool access, and sending notification titles, bodies, progress values, and related metadata to Signalgrid. Use a revocable/scoped key if available, avoid putting secrets or sensitive operational details in notifications, and test start/update/end behavior before relying on it for important alerts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation declares required environment variables in metadata, but there is no explicit permissions declaration covering access to secrets/environment data. That mismatch weakens security review and consent boundaries because the skill can rely on sensitive values such as SIGNALGRID_CLIENT_KEY without clearly declaring that capability. In this context, the skill sends data to an external service, so undeclared env access is more significant because it may enable silent use or leakage of credentials during execution.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The README states that the AI 'automatically uses this skill when you ask to start live activities,' which encourages broad implicit invocation rather than explicit user confirmation. In an agent environment, overly broad activation language can cause the skill to trigger on ambiguous prompts and send external notifications unexpectedly, which is especially relevant because the skill requires network access and uses stored credentials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to place Signalgrid credentials into configuration but provides no guidance on secret handling, rotation, least privilege, or avoiding accidental exposure in files, dashboards, logs, or version control. Because these credentials enable outbound actions to a third-party service, mishandling them could allow unauthorized notification sending or abuse of the connected account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal