arXiv Daily Paper Pusher

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it fetches public arXiv paper metadata, ranks it locally, and posts selected results to a Feishu/Lark webhook configured by the user.

Install only if you are comfortable sending configured group names, keywords, and selected paper titles/links to your Feishu/Lark webhook. Keep the webhook URL private, review the optional cron command before enabling it, consider pinning dependencies in your own environment, and prefer the arxiv library mode if you want to avoid the plain-HTTP fallback.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding: The skill clearly transmits fetched paper information to an external Feishu/Lark webhook, but the description does not prominently disclose this outbound data flow or its privacy implications. Even if the payload is only paper metadata, undisclosed external transmission can surprise users, cause policy violations, or lead them to paste sensitive webhook URLs without understanding the trust boundary.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The fallback path sends arXiv search queries to `http://export.arxiv.org/api/query` over plain HTTP, allowing intermediaries to observe or modify the request and response. While the queried keywords are not necessarily highly sensitive, they can reveal research interests or internal topics, and the unencrypted response could be tampered with to inject false paper metadata or links into downstream workflows.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements file):
arxiv>=2.1.0
PyYAML>=6.0
requests>=2.31.0
Confidence: 92%
Finding: arxiv>=2.1.0

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements file):
arxiv>=2.1.0
PyYAML>=6.0
requests>=2.31.0
Confidence: 98%
Finding: PyYAML>=6.0

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements file):
arxiv>=2.1.0
PyYAML>=6.0
requests>=2.31.0
Confidence: 97%
Finding: requests>=2.31.0

Known Vulnerable Dependency: PyYAML — 8 advisory(ies): CVE-2019-20477 (Deserialization of Untrusted Data in PyYAML); CVE-2020-1747 (Improper Input Validation in PyYAML); CVE-2020-14343 (Improper Input Validation in PyYAML) +5 more

Severity: Critical
Category: Supply Chain
Confidence: 87%
Finding: PyYAML

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

Severity: High
Category: Supply Chain
Confidence: 84%
Finding: requests

VirusTotal

66/66 vendors flagged this skill as clean.
