ClawHub

每日Get笔记智能盘点

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it can automatically scan private recordings and change CRM or task systems without enough user approval controls.

Install only if you intentionally want an agent to scan that recordings folder and potentially update Feishu CRM, TickTick, channel tables, and related libraries. Use a report-only or manual-review workflow until the skill adds explicit approval before external writes, narrow trigger phrases, scheduler opt-in controls, least-privilege credential documentation, and retention or deletion rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase set includes broad, everyday language such as '今天有什么' and '分类整理', which can unintentionally invoke a workflow that scans local files and performs downstream actions. Because this skill also automates CRM and task updates, accidental activation could cause unauthorized data processing or external side effects without clear user intent.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The documented user-facing trigger phrases are ambiguous and insufficiently scoped, making it easy for normal conversation to be interpreted as a command to run the skill. In this context, accidental execution is more dangerous because the workflow is not just informational—it can create tasks, classify business data, and update external systems.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill advertises fully automated processing and CRM updates without a prominent user warning that it will change external systems. This is dangerous because users may believe they are requesting a summary scan, while the skill may write customer, channel, and follow-up data into Feishu CRM based on potentially imperfect classification or transcription.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The workflow automatically generates todos and syncs them to an external task system, but the skill does not clearly warn users about this side effect at the point of description. That omission can lead to unintended task creation, operational confusion, and propagation of inaccurate meeting interpretations into team workflows.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal