Security audit

Support Template Multilang Sync

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate support-template publishing workflow, but it gives the agent broad publishing and self-update authority without a clear approval gate.

Install only if you intend to let the agent edit support-template files and use Feishu, GitHub, and ClawHub publishing credentials. Before use, require an explicit dry run and human approval for every external sync, GitHub issue, SKILL.md change, and ClawHub publish action; keep credentials in environment variables or a secret store and do not paste tokens into prompts or generated content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill clearly instructs the agent to read and modify local markdown files, but it does not declare the permissions or capability boundaries needed for that behavior. Undeclared file access is risky because users and security tooling cannot accurately evaluate what the skill may read, and the same pattern often accompanies broader-than-expected file access in agent workflows.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill directs the agent to send content to Feishu Wiki, GitHub, and ClawHub, but it does not require an explicit user acknowledgement that local file contents may be transmitted to third-party services. This is dangerous because support templates may contain internal operational text, links, or placeholders that should not be published or mirrored externally without deliberate approval.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill documents use of Feishu credentials but does not include safe-handling guidance or user-facing warnings around secrets. In practice, this can lead to operators pasting tokens into prompts, logs, issues, or generated artifacts, increasing the chance of credential leakage and unauthorized access to the Feishu workspace.

Self-Modification

High
Category
Rogue Agent
Content
3. Re-read the file and verify each response block has the expected languages and no placeholder drift.
4. Sync the finalized content to Feishu Wiki.
5. Create a GitHub issue that records what changed, which file changed, and what follow-up is needed.
6. Update this skill if the process or API assumptions improved.
7. Package the skill and publish it to ClawHub when credentials are available.

## File Update Rules
Confidence
95% confidence
Finding
Update this skill

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.