每日科技播报

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: fetch daily tech headlines from named news sources and produce or schedule a digest.

Install only if you are comfortable with the skill making outbound requests to its news sources. If using cron or channel delivery, configure it only for channels where automatic third-party news summaries are acceptable, and consider reviewing output before posting in shared or public spaces.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill explicitly instructs execution of a Python script that performs HTTP fetching from external news sources, yet the skill metadata declares no permissions or environment requirements related to network access. This creates a capability/permission mismatch that can bypass operator expectations, reduce auditability, and normalize hidden outbound connectivity in an agent skill.

Missing User Warnings

Severity: Medium
Confidence: 79%
Finding
The cron instructions encourage automatically fetching third-party content and posting the result directly into chat channels without any approval, moderation, or warning step. This creates a content-safety and operational risk: unexpected, misleading, or policy-violating external content could be propagated automatically to users or shared spaces.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding
The trigger phrases include broad everyday requests such as '科技要闻' ("tech headlines") and '推一下科技新闻' ("push some tech news"), which can overlap with normal conversation and cause unintended skill activation. In an agent environment, overly broad routing can lead to unexpected network access and execution of external-fetching code when the user may only have been chatting or asking generally for news.

VirusTotal

64/64 vendors flagged this skill as clean.
