jd-lawsuit-skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent consumer-dispute helper that handles sensitive order evidence and saves it locally, so users should run it only on the specific dispute they intend to document.

Install only if you are comfortable letting the agent view the relevant logged-in shopping pages and save evidence files locally. Keep the workflow limited to one order, use a trusted browser automation MCP, avoid storing the evidence folder in a shared or cloud-synced Downloads directory if possible, and review or redact personal details before filing or sharing generated documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly saves screenshots and extracted order data to a local directory, but it does not clearly warn the user that potentially sensitive personal data will be written to disk or discuss retention, access control, or cleanup. Because order pages commonly contain names, addresses, phone numbers, and purchase history, silent local persistence increases privacy and data exposure risk, especially on shared or unmanaged devices.

Missing User Warnings

Medium
Confidence: 93%
Finding
The guidance directs collection of sensitive order and personal data such as order numbers, logistics details, chat records, invoices, and seller/license information, but provides no privacy notice, minimization guidance, retention limits, or consent boundary. In a browser-automation context, this increases the risk of over-collection, local data exposure, and accidental inclusion of unnecessary personal information in screenshots and case files.

Missing User Warnings

Medium
Confidence: 96%
Finding
The raw-data.json schema stores structured sensitive identifiers and transaction details, including order ID, payment details, tracking number, timestamps, seller identity, and dispute-related records, without any warning or safeguards. Structured exports are especially easy to reuse, copy, exfiltrate, or process downstream, making privacy harm more likely than screenshots alone.

Missing User Warnings

Medium
Confidence: 95%
Finding
The template explicitly directs generated legal documents containing order details, names, addresses, phone numbers, and dispute evidence to be saved under a predictable local Downloads path, but does not mention consent, retention, visibility, or sensitivity of the stored data. In the context of a consumer-rights/legal-document skill, this increases privacy risk because the files may contain highly sensitive personal and transactional information that could be exposed to other local users, backups, sync services, or later unintended disclosure.

Missing User Warnings

Medium
Confidence: 91%
Finding
The guide directs collection of order details, logistics, chat records, reviews, and merchant information, which can include personal and sensitive data, but it provides no privacy notice, data-minimization guidance, retention limits, or consent boundaries. In a consumer-dispute skill, this context makes the issue more serious because the workflow is specifically designed to gather evidence tied to identifiable individuals and transactions, increasing the risk of overcollection, unintended disclosure, or misuse.

Missing User Warnings

Medium
Confidence: 94%
Finding
The App-only workflow tells users to save screenshots to a local directory for later reading by the skill, but it does not warn that those screenshots may contain names, addresses, phone numbers, order IDs, and chat contents. This is dangerous because local screenshot archives are easy to overshare or leave behind, and the skill context makes exposure more likely since evidence packages often aggregate multiple sensitive records in one place.

VirusTotal

65/65 vendors flagged this skill as clean.
