ai news daily new

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent AI news digest, but its scheduled mode writes results to fixed Tencent Docs documents, which needs user review.

Review before installing. Use it only if you intend this skill to run daily and append AI news briefs to the listed Tencent Docs documents using your configured Tencent Docs access. Change or remove the hard-coded document targets if they are not yours, and prefer manual output or a dry run unless scheduled publishing is explicitly approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill’s primary stated purpose is to generate a news digest, but it also performs an external side effect by writing output into Tencent Docs. Hidden or secondary data-export behavior increases risk because scheduled runs may modify remote resources or transmit generated content without an explicit per-run user action or clear consent boundary.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
The scheduled automation publishes results to Tencent Docs even though the core skill objective is news summarization, not remote document management. This creates an unnecessary outbound action surface: if misconfigured or abused, the skill could overwrite documents, leak content to external services, or create persistence beyond the user’s immediate session.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs scheduled runs to write directly to Tencent Docs with no user-facing warning about external transmission or document modification. Lack of transparency is dangerous because operators or users may believe the skill only produces local output, while in reality it sends data to a third-party platform and alters remote content automatically.

VirusTotal

58/58 vendors flagged this skill as clean.