ClawHub

Turkey News

Security checks across malware telemetry and agentic risk

Overview

This skill coherently fetches public Turkish news RSS feeds and can produce Telegram news summaries, with no evidence of hidden collection, credential theft, destructive behavior, or self-installed persistence.

Install this only if you want a skill that contacts the listed Turkish news feeds. Enable cron and Telegram alerts deliberately, confirm who 'Usta' maps to in your Telegram setup, and keep the message contents limited to public news summaries with an easy way to disable the schedule.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to fetch RSS feeds from multiple external news sites, which is network activity, but no permissions or explicit capability declarations are documented. This creates an authorization and transparency gap: a user or platform may not realize the skill performs outbound requests to third-party domains, making review and policy enforcement harder.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The trigger phrases like 'Türkiye haberleri ver' and 'son haberler ne' are broad and likely to match normal conversation, increasing the chance of unintended activation. In a skill that performs network access and may later cause outbound notifications, accidental invocation can lead to unexpected data fetching and downstream actions without deliberate user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes automatic Telegram notifications via cron without any user-facing warning, consent flow, or explanation of scheduled outbound messaging. Scheduled exfiltration to an external messaging service is more dangerous than one-off interaction because it can continue operating without active user awareness and may transmit summarized content or contextual data regularly.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The instruction 'Telegram'dan Usta'ya bildir' directs the agent to send information to an external recipient without warning the user about external transmission. Even if the content is news, outbound messaging to a named party creates a channel for silent data transfer and is especially risky if future modifications include user context, prompts, or metadata in those messages.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal