ClawHub

Streaming Buddy

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it helps with streaming recommendations while storing a local viewing profile and using TMDB lookups.

Install only if you are comfortable with your streaming services, watch history, ratings, inferred preferences, cached TMDB responses, and TMDB API key being stored in the workspace. Delete $WORKSPACE/memory/streaming-buddy/ to reset the local profile, and use a TMDB key intended for this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The description includes very broad natural-language triggers such as general requests for recommendations or mentioning major streaming brands, which can cause the skill to activate in many ordinary conversations. Over-broad activation increases the chance of unintended invocation, unnecessary data collection, and user confusion about when the skill is operating.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill prominently advertises learning preferences, watch tracking, history, and profile features, but the description does not clearly warn users that it stores persistent behavioral data. This is dangerous because viewing history and inferred taste can reveal sensitive personal attributes and may be collected without meaningful user awareness or consent.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The setup example defaults the region and language to DE/de-DE and the language support section says output adapts to config, without clear user opt-in or explanation of the privacy/availability consequences. While not severe on its own, defaulting locale can mis-handle user expectations, affect recommendation scope, and leak assumptions about geography or language preferences.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The skill sends user-provided search terms and the TMDB API key to an external service without any explicit user-facing notice or consent flow. In this skill context, user queries can reveal viewing interests, moods, and preference patterns, so silent transmission to a third party creates a real privacy risk even though the destination is an expected API.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill persistently stores inferred preference data such as liked genres, themes, actors, directors, and viewing history under the workspace without a clear warning, consent step, or retention controls. Because this skill is specifically designed to profile personal entertainment habits, silent on-disk learning increases privacy sensitivity and could expose intimate preference data to other local users, tools, or backups.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal