Ai Daily Briefing 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only daily briefing helper that reads expected productivity context, with privacy caveats but no hidden execution or exfiltration behavior found.

Install only if you are comfortable with your agent reading and summarizing local task lists, recent meeting notes, memory/user files, and calendar entries. Avoid using it in shared sessions unless you are prepared for private work context to appear in the briefing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The trigger phrases include broad, conversational requests like "what do I need to know?" and "what's today look like?" that could match ordinary user messages and invoke the skill unexpectedly. Because this skill then aggregates data from todo files, meeting notes, memory files, and calendar sources, unintended activation can expose sensitive personal or work context when the user did not explicitly ask for a briefing.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The skill instructs the agent to read multiple potentially sensitive data sources, including meeting notes, memory files, and calendar information, but does not present meaningful privacy notice, consent flow, or scope limitation to the user. In practice, a user may invoke a simple "briefing" command without realizing it causes cross-source aggregation of personal and organizational data into a single response, increasing the chance of oversharing sensitive information.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The trigger phrase "briefing" is very broad and likely to collide with ordinary user language or other skills that respond to status or summary requests. In an agent environment, overly generic activation can cause unintended skill invocation, exposing personal task, calendar, or meeting-note context when the user did not explicitly intend to call this skill.

Vague Triggers

Severity: Low
Confidence: 83%
Finding:
The example trigger "what's overdue?" is a generic conversational phrase that could naturally appear in many contexts, increasing the chance of accidental activation. If triggered unintentionally, the skill may reveal overdue tasks or related work context from the user's private data sources.

Vague Triggers

Severity: Low
Confidence: 76%
Finding:
The trigger "weekly preview" is somewhat generic and may overlap with other planning, calendar, or summarization skills. While less risky than a single-word trigger, it still lacks explicit scoping and could cause unintended access to schedule and task information in a shared agent ecosystem.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding:
The listed trigger phrases include broad, natural expressions like "start my day" and "give me the rundown," which can easily overlap with ordinary user conversation. In a voice- or chat-driven agent, ambiguous activation can cause unintended invocation of the skill and accidental exposure of task, meeting, or calendar context when the user did not explicitly intend to request a briefing.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The documentation states that meeting-derived to-do items and calendar information populate the briefing automatically, but it does not warn users about what data is accessed, how it is used, or the privacy implications of surfacing that information. This is risky because users may unknowingly expose sensitive schedule details, action items, or meeting context in shared environments or without informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.
