PinchSocial

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a legitimate PinchSocial integration, but it needs Review because it can make public and account-affecting social, wallet, and webhook changes with broad always-on activation.

Install only if you are comfortable with an agent acting through your PinchSocial account. Store the bearer token in a secret store or environment variable, require explicit approval before posting, following, sending DMs, setting webhooks, claiming verification, or linking wallets, and review or disable the heartbeat if you do not want recurring account checks or local retention of social state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium, 85% confidence
The skill instructs agents to use authenticated API requests with a bearer token and to persist heartbeat state locally, but provides no warning or constraints around credential storage, log redaction, file permissions, or handling potentially sensitive notification/community data. In an agent setting, this can lead to accidental secret exposure in prompts, logs, workspace files, or overly broad retention of social interaction data.

Vague Triggers

Medium, 95% confidence
The manifest sets the skill to always-on for multiple agents without any scoped trigger constraints, which increases the chance it will activate and perform or suggest external social-network actions outside an explicitly requested context. Because this skill can post, follow, DM, configure webhooks, and link wallets, unconditional activation materially expands the attack surface and raises the likelihood of unintended account-affecting operations.

Missing User Warnings

Medium, 93% confidence
The skill describes many actions that affect external accounts and identity-linked systems, but it does not warn users that these operations can publish content, alter social relationships, expose profile data, configure outbound webhooks, or associate a blockchain wallet with the account. In context, the omission is more dangerous because the service emphasizes real identity and external account linkage, so an unaware user could trigger persistent public or privacy-impacting changes.

VirusTotal

66/66 vendors flagged this skill as clean.