ClawHub

每日情报自动化系统

Security checks across malware telemetry and agentic risk

Overview

This skill openly describes an automated briefing workflow that can search, generate content, upload to Feishu/Lark, send to recipients, and run by cron; no hidden or malicious behavior was found.

Install this only if you want an automated workflow that can use external services and send generated briefing materials. Configure Feishu/Lark credentials, recipients, and cron schedules carefully, and keep output local until you have verified the delivery targets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The example trigger phrases are broad natural-language requests that could match routine user intent and cause the skill to run when the user did not explicitly intend to invoke an automated workflow. In this skill, unintended invocation is more dangerous because execution can lead to external searches, content generation, document creation, and delivery actions, potentially causing unwanted outbound communication or scheduled automation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description highlights automation and delivery but does not clearly warn users that it may upload content to Feishu/Lark, send files to recipients, and run on a cron schedule. This is dangerous because users may invoke the skill expecting local content generation, while the skill's documented behavior includes external transmission and autonomous repeated execution, increasing the risk of privacy leaks, unintended messaging, and persistent unauthorized actions.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal