ClawHub

Research Paper Monitor

Security checks across malware telemetry and agentic risk

Overview

The skill fits its research-paper monitoring purpose, but its webhook and external-integration examples handle sensitive notification endpoints and research-profile data too casually.

Review the notification settings before installing. Do not use the Feishu webhook shown in the documentation; replace it with your own or leave notifications disabled. Treat webhook URLs, SMTP passwords, and Zotero API keys as secrets, and avoid sharing or syncing ~/.openclaw/research-monitor/config.json unless you have reviewed what it contains.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill states that it will archive papers locally and push high-relevance results to a Feishu webhook, but it does not clearly warn users that data will be written to disk and transmitted to an external endpoint. Even if the content is academic, stored metadata may reveal the user's research interests, institution, monitoring topics, or usage patterns, and webhook delivery sends that information outside the local environment.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The email example performs external transmission and uses SMTP credentials, but the documentation gives no warning about data egress, secret storage, or the sensitivity of transmitted paper metadata. Users may copy this pattern into production and expose credentials or unintentionally send data outside approved channels.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The WeCom webhook sample sends content to an external endpoint without any disclosure of data-sharing implications, webhook secrecy requirements, or approval expectations. This can lead to unauthorized data dissemination if users enable it without understanding that paper metadata and summaries are being exported.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The rclone sync example can copy the local paper repository to cloud storage, but the docs omit privacy, access-control, and overwrite risks. Even if the corpus is mostly academic metadata, local notes, annotations, or downloaded content may contain sensitive or licensed material that should not be synced blindly.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The Zotero integration posts paper metadata to an external API using an API key, yet the documentation does not explain that data is leaving the local environment or how to protect the key. This increases the chance of inadvertent data disclosure and insecure secret handling by users following the example verbatim.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The configuration guide includes a live-looking Feishu webhook URL and instructs users to paste webhook endpoints into config without any warning that notification payloads may contain monitored paper metadata or user-related research interests sent to a third-party messaging service. Even if the example webhook is nonfunctional, normalizing secret-bearing webhook handling in documentation can lead to accidental disclosure, misuse of production endpoints, or silent outbound data flow to external services.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal