ClawHub

auto-file-sender

Security checks across malware telemetry and agentic risk

Overview

This skill openly aims to send workspace files to Feishu/Lark, but its automatic and broad file-transfer workflow needs user review before installation.

Install only if you intentionally want workspace files delivered to Feishu/Lark. Use explicit file paths or narrow patterns, confirm the recipient open_id every time, avoid watching directories that may contain secrets or unrelated work, and stop watch mode as soon as the task is complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation description is broad enough that an agent could select this skill in many ordinary file-generation scenarios, causing automatic external transmission of workspace files without a narrowly scoped, explicit user request at send time. In a skill whose core action is file exfiltration to an external messaging platform, loose activation criteria materially increase the risk of unintended disclosure.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The phrase describing auto-send behavior does not define when monitoring begins, what directories are in scope, whether existing files are included, or what user consent is required. Because the skill is designed to watch a workspace and transmit files externally, ambiguous triggering semantics can lead to silent or unexpected sending of sensitive files.

Missing User Warnings

High
Confidence
94% confidence
Finding
The skill centers on automatic transmission of local workspace files to Feishu/Lark, yet the overview does not prominently warn users that files may leave the local environment and be delivered to external recipients. In this context, omission of a clear outbound-transfer warning increases the chance of accidental disclosure of sensitive documents, images, or generated outputs.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
Defaulting the recipient to the current conversation user without a clear warning can cause files to be sent to an unintended destination when the operator assumes a different default or forgets to specify a target. For a file-transfer skill, undocumented implicit recipient behavior meaningfully increases the chance of misdelivery and privacy loss.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script continuously monitors a workspace and emits ready-to-use send commands for matching files, which can normalize or facilitate bulk disclosure of local files without any confirmation or sensitivity checks. In the context of an agent skill designed for automated delivery to an external messaging platform, this increases the risk of unintended exfiltration of confidential workspace contents.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
---
name: auto-file-sender
description: |
  Automatically send files from workspace to Feishu/Lark when files are generated or updated. 
  Use when: (1) User creates new documents and wants them delivered automatically, 
  (2) Batch processing generates multiple files that need to be sent, 
  (3) Setting up automated file delivery workflows.
Confidence
80% confidence
Finding
Automatically send

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal