ClawHub

Prospect Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed prospect-research workflow that browses public company sites and saves local lead reports, with no executable install behavior or hidden credential access found.

Install this if you want an agent to research prospect websites, use browser access, and save lead-analysis files in your workspace. Do not put confidential pricing, strategy, or customer information in PROSPECT_CONFIG.md unless you are comfortable having it used in generated analysis, and review queue changes if you use prospects/queue.md.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Low
Confidence
90% confidence
Finding
The README explicitly states that the skill visits company websites and analyzes competitor content, but it does not warn users that running the skill causes external network access and may transmit target domains or prompts to remote services. This is primarily a transparency and informed-consent issue: users may invoke the skill without realizing it will browse third-party sites or expose analysis context to browser/model tooling.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The optional setup tells users to place business context, target profile, and pricing range in a workspace file, but it does not disclose that this information may be incorporated into prompts, model processing, or generated outreach. That omission can lead to accidental exposure of sensitive commercial information, especially if users include confidential positioning or pricing details assuming the file remains local-only.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation phrases are very broad (e.g. 'analyze example.com', 'research a company for outreach', 'score this lead') and overlap with common user requests, which increases the chance the skill is auto-selected in situations where the user did not intend website visiting, competitive research, scoring, or file writes. In a skill that performs multi-step browsing and persists reports, overbroad triggers can cause unintended data collection and side effects rather than merely answering a question.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill directs the agent to create a directory and save a report file in the workspace, but it does not require notifying the user or obtaining confirmation before writing. That creates an unintended side-effect risk: a user asking for analysis may not expect persistent file creation, and repeated runs could clutter or overwrite workspace artifacts.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The optional queue workflow instructs reading and then modifying an existing 'prospects/queue.md' state file by moving entries between sections and appending scores, without an explicit warning or confirmation. Editing an existing user file is more dangerous than creating a new report because it can alter workflow state, corrupt formatting, or cause loss of information if the queue structure differs from expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal