Powerpost

Security checks across malware telemetry and agentic risk

Overview

PowerPost is a disclosed social-media publishing integration with expected account access and posting authority; there is no evidence of hidden or malicious behavior.

Install this only if you want an agent to operate your PowerPost workspace and connected social accounts. Prefer draft-only or narrowly scoped API keys unless you intentionally want live publishing, and require explicit confirmation before publishing, scheduling, canceling, deleting calendar entries, uploading media, or spending credits on generation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
94% confidence
Finding
The README includes calendar-management commands such as viewing, moving, and deleting calendar entries even though the skill is described as a social-media posting tool. This creates a scope-confusion risk: an agent may route unrelated calendar requests to this skill, granting it authority beyond the user's expected trust boundary and potentially causing unintended modifications to scheduled content or adjacent systems.

Vague Triggers

Medium
92% confidence
Finding
The example trigger phrases are broad and natural-language driven, with little indication of what requests should or should not invoke the skill. In an agentic environment, ambiguous prompts increase the chance of over-triggering this skill for adjacent tasks like research, uploads, scheduling, analytics, or cross-tool actions, which can lead to unintended API calls or content publication workflows.

Vague Triggers

High
97% confidence
Finding
Calendar-related example commands inside a social-posting skill materially increase invocation ambiguity because they suggest the skill can operate on generic calendar objects. If an orchestrating agent maps these phrases to the skill, it could perform state-changing actions like moving or deleting entries without the user realizing they are interacting with a third-party posting integration rather than a calendar-specific tool.

VirusTotal

VirusTotal findings are pending for this skill version.
