Pilot Expense Tracker Setup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed setup guide for an expense-reporting agent pipeline, but users should review its external sharing of expense data before use.

Install only if you trust the Pilot tooling and the downstream pilot-* skills. Before running it with real expense data, confirm the webhook destination and Slack workspace/channel are approved, protect any required credentials, decide retention for archived receipts, and avoid sending unnecessary employee or financial details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium, 93% confidence
Finding
The README instructs users to collect receipts, extract vendor/amount/category data, submit reports to external systems, and notify managers via Slack, but it provides no privacy, retention, access-control, or sensitive-data handling guidance. Because receipts and expense reports commonly contain personal and financial information, this omission can lead to oversharing to third-party services, insecure storage, or noncompliant handling of employee data.

Missing User Warnings

Medium, 90% confidence
Finding
The skill explicitly configures the reporter to send expense reports to an external endpoint via webhook, but it does not instruct the operator to obtain user consent, validate the destination, or warn that potentially sensitive financial and employee data will leave the local agent network. In an expense-processing context, this can expose PII, financial records, and compliance data to unintended third parties or misconfigured endpoints.

VirusTotal

62/62 vendors flagged this skill as clean.
