Pilot Inventory Management Setup

Security checks across malware telemetry and agentic risk

Overview

This setup skill is coherent, but it can enable real supplier purchase-order and Slack notifications without strong safeguards or dry-run guidance.

Review this carefully before installing in a real procurement environment. Use test supplier endpoints and Slack channels first, confirm what the webhook bridge will send, protect any credentials, and add a manual approval or dry-run step before allowing the alerter to issue purchase orders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The README explicitly states that the alerter sends purchase order requests to suppliers and notifies procurement teams via Slack, but it does not warn users that setup enables outbound communications and operational side effects. In an automation skill for inventory workflows, this can lead to unintended external messages or procurement actions if users test or deploy the workflow without understanding that real supplier- or team-facing notifications may be triggered.

Missing User Warnings

Medium
Confidence: 97%
Finding
The example workflow includes publishing a purchase-order payload containing supplier identity, procurement channel, PO number, and an ERP URL, but provides no warning that this data may be sent externally or cause downstream business actions. Because the example is presented as a 'Try It' command sequence, users may execute it directly in a live environment, causing unintended disclosure to external systems or accidental reorder notifications.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly sets up an external data flow from the alerter to supplier systems over webhook/HTTPS and describes sending purchase-order requests, but it provides no user warning, confirmation step, endpoint validation guidance, or data-minimization controls. In a setup skill that automates outbound communications, this omission is security-relevant because it can cause unintended transmission of business-sensitive procurement data to third parties.

VirusTotal

66/66 vendors flagged this skill as clean.
