Super Marketing Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent marketing-content toolkit, but users should be careful with external LLM use, cold-email compliance, and a few problematic marketing-template statements.

Install only in a controlled Python environment and use an API key intended for this skill. Treat uploaded prompts and source documents as potentially sent to an external LLM provider, avoid confidential or regulated data unless approved, and review all generated email/social content for legal, platform-policy, and bias issues before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 96%
Finding:
The skill advertises executable scripts that read files, write outputs, and consume an environment variable (`OPENAI_API_KEY`), but the manifest does not declare these capabilities or warn users about them. This creates a transparency and consent problem: users may invoke a marketing skill expecting text generation while it also accesses local data and secrets-bearing runtime context.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The phrase "Just say: 'Create a marketing strategy for my SaaS product.'" encourages very broad auto-activation on common user language. In an agent ecosystem, generic marketing requests are likely to appear in ordinary conversations, so this can cause the skill to activate unexpectedly and steer execution into scripts, data processing, or outbound-content generation the user did not explicitly request.

Missing User Warnings

Severity: Low
Confidence: 87%
Finding:
The promotional text highlights automated cold-email generation as a capability without any mention of consent, anti-spam rules, platform policies, or legal/compliance review. That omission increases the chance that users or downstream agents will treat mass outreach as a default safe workflow, creating abuse, policy, and reputational risk even if the file itself does not directly send emails.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The README advertises very broad trigger phrases such as generic requests for marketing strategy or content creation, which can cause the skill to activate unintentionally in unrelated conversations. In an agent environment, over-broad activation increases the chance the skill handles tasks it was not explicitly requested for, leading to unintended outbound-content generation, data processing, or workflow execution.

Missing User Warnings

Severity: Medium
Confidence: 85%
Finding:
The README promotes generation of cold email sequences, including breakup emails, without any caution about consent, anti-spam compliance, or misuse for mass outreach. In the context of an autonomous agent skill, this lowers the barrier to producing potentially abusive outreach content and can facilitate spam, phishing-adjacent messaging, or non-compliant prospecting at scale.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding:
The trigger phrases are extremely broad and overlap with routine user requests such as marketing strategy, social content, email sequence, and hashtags. Over-broad activation increases the chance the skill runs unintentionally in contexts where the user did not mean to authorize its workflow, including file-processing or external-LLM-backed steps.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The documentation states that `llm_utils.py` uses `OPENAI_API_KEY` and performs LLM-backed processing, but it does not disclose that user content, competitive research, or internal marketing materials may be transmitted to an external model provider. In a B2B marketing context, those inputs can include confidential plans, customer data, unpublished messaging, or competitor intelligence, making silent external transmission a real data-leakage risk.

Natural-Language Policy Violations

Severity: Medium
Confidence: 93%
Finding:
The template explicitly requires content quality to match a race/ethnicity-based standard ('专业白人营销团队的标准', in English "the standard of a professional white marketing team"), which introduces discriminatory bias into the skill’s behavior and can steer outputs toward exclusionary or inappropriate framing. In a marketing skill that generates user-facing messaging at scale, this can propagate biased language, create reputational and legal risk, and normalize protected-characteristic-based quality judgments.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The script reads arbitrary local file content from `--source` and sends up to 3000 characters to an external LLM service without any explicit user-facing notice, consent step, or data-classification check. In a marketing skill, source documents may contain unpublished strategy, customer data, competitive intelligence, or internal business plans, so silent transmission creates a real confidentiality and compliance risk.

VirusTotal

63/63 vendors flagged this skill as clean.
