Openclaw Rd Pipeline

Security checks across malware telemetry and agentic risk

Overview

This skill appears to automate Feishu and repository workflows, but it gives agents broad read and write authority without clear user confirmation boundaries.

Review before installing. Use it only with narrowly scoped Feishu spaces, repositories, and task IDs, and require a dry run plus explicit confirmation before any Feishu read, branch push, PR creation, or task/status update. Do not grant broad credentials or unattended execution until the skill documents its data access and write boundaries clearly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill clearly instructs file access via `Load [references/templates.md]`, `Load [references/feishu-fields.md]`, and execution of a local validation script, yet no explicit permissions are declared. In an agent setting, undeclared file-read capability weakens transparency and consent boundaries, making it easier for the skill to access local project data unexpectedly.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill directs the agent to query Feishu history/wiki, clone repositories, push branches, open PRs, and create/update Feishu tasks without an explicit user-facing notice or confirmation gate for accessing project data and performing write actions. In practice, this can expose sensitive historical project information and trigger unauthorized code or task modifications under the guise of normal workflow automation.

VirusTotal

64/64 vendors flagged this skill as clean.
