Social Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it needs Review because it stores social-media session cookies and can publish or create drafts across accounts without a confirmation or dry-run guard.

Install only if you are comfortable giving this skill cookie-based access to your social accounts. Use test accounts first, publish to one platform at a time, protect the cookie config file, review content before running, and avoid scheduled or all-platform runs unless you can monitor and cancel them.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (3)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs users to store long-lived social media session cookies in a local config file. These cookies are effectively authentication tokens that can be reused to act as the user. Without strong warnings about secure storage, file permissions, rotation, and account takeover risk, users may expose credentials that allow unauthorized posting or account misuse across multiple platforms.

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation promotes automated cross-platform posting and scheduled execution but does not clearly disclose that the tool will transmit user content to third-party services and may publish publicly under the user's identity. This creates a meaningful consent and misuse risk, especially for scheduled actions that can occur later without immediate user review.

Missing User Warnings

Medium
Confidence: 88%
Finding
The script sends local article content to third-party social-media APIs and authenticates with stored account cookies, which can cause real external side effects such as creating drafts or posts under the user's accounts. Although this appears to be the intended purpose of the tool rather than malicious behavior, it lacks explicit consent prompts, dry-run mode, or clear disclosure at execution time, increasing the risk of accidental data disclosure or unintended publishing.

VirusTotal

65/65 vendors flagged this skill as clean.
