ClawHub
Back to skill

Security audit

营销引流工具包

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed social-media marketing autoposter, but it can publish to X or Weibo automatically and on a schedule with unclear approval controls.

Install only if you intentionally want an agent to help operate X or Weibo accounts. Before use, require draft-only mode or explicit approval for each post unless unattended publishing is deliberately enabled, and define platform limits, rate limits, account-risk tolerance, deletion/rollback expectations, and how to stop scheduled posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly promotes fully automatic social-media posting through browser automation without requiring an explicit per-action confirmation from the account owner. Autonomous posting to external platforms can misuse the user's authenticated session, publish unwanted or policy-violating content, damage reputation, and trigger account sanctions if the agent acts incorrectly or is manipulated by untrusted trend/content inputs.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The cron workflow describes hourly analysis, content generation, and automatic posting, which creates recurring autonomous external actions against the user's social-media accounts. In this context, the danger is elevated because the skill targets live publishing on X/Weibo using MCP browser automation, so a bad prompt, misclassification of trends, or adversarial content source could repeatedly post harmful content without the user being present.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal