ClawHub
Back to skill

Security audit

redbook skill1.0

Security checks across malware telemetry and agentic risk

Overview

This skill clearly does what it says: it creates a daily Xiaohongshu drink-trend report and sends it to a Feishu group.

Install only if you want reports automatically sent to Feishu. Use a private Feishu group and dedicated webhook, rotate the webhook if exposed, confirm the cron schedule, and avoid including sensitive account or operational data in generated reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README states that the skill pushes reports to a Feishu robot and runs automatically every day, but it does not clearly warn users that generated content will be transmitted to an external third-party service on a schedule. This creates a real transparency and data-handling risk: users may install or configure the skill without understanding that collected or AI-generated report contents leave the local workflow automatically.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly instructs users to configure a Feishu webhook and states that collected hotspot reports will be pushed to a Feishu group, but it does not clearly warn that report contents are transmitted to an external messaging platform. Even if the data is not obviously sensitive, external delivery expands the data exposure surface and can lead to unintended sharing, especially if reports later include URLs, analytics, account information, or other operational content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal