ClawHub

Rss Reader

Security checks across malware telemetry and agentic risk

Overview

This RSS reader does what it advertises, but users should understand that feed data may be sent to configured AI and Feishu services.

Install only if you are comfortable with RSS titles, links, snippets, and generated reports being processed by your chosen AI endpoint and optionally posted to a Feishu/Lark channel. Review the default feed list, avoid private/internal feeds unless that sharing is acceptable, and pin/audit dependencies for controlled deployments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README instructs users to configure a Feishu webhook for outbound notifications but does not warn that article titles, summaries, or other processed content may be transmitted to an external third-party service. In a skill that fetches and summarizes subscribed content automatically, this omission can lead to unintentional data egress and privacy/compliance issues, especially if subscriptions include sensitive or internal feeds.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases include broad terms like '订阅' and '资讯汇总', which can match many ordinary user requests unrelated to this skill. Over-broad activation can cause unintended execution of a skill that performs network access, local writes, and external transmission to AI/Feishu services, increasing the chance of privacy-impacting actions without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description emphasizes summarization and Feishu push, but it does not clearly warn that article titles, links, and related metadata are sent to external AI providers and that generated reports are forwarded to Feishu. In a content aggregation skill, this matters because users may assume processing is local, while refresh/summarization actually discloses browsing/subscription-derived data to third parties.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill sends article content/excerpts to an external AI service for summarization without an explicit transmission warning or consent checkpoint at the time of use. Even if RSS content is public, users may not expect external processing by a third-party model provider, creating privacy, compliance, and data-handling transparency risks.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
This batch summarization path sends multiple article excerpts to an external AI provider without explicit disclosure at the transmission point. The scale of transmission is larger than the single-article case, which increases the privacy/compliance exposure and makes silent external sharing more significant.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The generated report and article links are automatically pushed to Feishu without a clear disclosure or confirmation step. That creates an external sharing risk because collected content may be redistributed to a workspace/channel users did not intend, especially in multi-user or shared deployment contexts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal