ClawHub

Pilot Content Marketing Pipeline Setup

Security checks across malware telemetry and agentic risk

Overview

This appears to be a publishing automation skill, but it grants external publishing and trusted agent-to-agent communication authority without enough user confirmation or scoping detail.

Install only if you intend to automate publishing or notifications to external systems. Before enabling it, verify every CMS, Slack, webhook, and peer-agent destination, use least-privilege credentials, test with non-sensitive drafts, and confirm there is a clear way to disable or revoke trusted peer connections.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README instructs operators to establish bidirectional trust and states that trust is auto-approved with no manual step, but it does not warn that this creates an authenticated communication path between agents. In a multi-agent pipeline that passes content automatically, an incorrect handshake target, hostname typo, or compromised peer could gain trusted access and send data or trigger downstream actions without additional review.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The publisher role is described as sending content and notifications to CMS, Slack, and webhooks, but the README does not clearly warn users that data will leave the agent environment and be transmitted to external systems. Because this skill is specifically designed to automate publication, users may unintentionally expose drafts, metadata, or internal links to third-party platforms if destinations or payloads are misconfigured.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly configures a publisher role to send content and notifications to external systems via webhooks and Slack, but it does not require an explicit user confirmation or warning at the point where external transmission occurs. In a setup skill, this omission can cause users to deploy data flows that exfiltrate drafts, metadata, or publication events to third-party systems without fully understanding the privacy and security implications.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal