ClawHub

Product Launch Radar

Security checks across malware telemetry and agentic risk

Overview

This looks like a coherent product-launch monitoring skill, but it needs review because it combines scheduled/webhook-triggered outbound notifications with unclear webhook controls and unrelated high-impact capability tags in metadata.

Install only if you want an automated monitor that fetches public product-launch information and sends summaries to configured channels. Before enabling it, verify why the listing carries crypto/purchase capability tags, review the dependent skills, require authenticated webhook access, protect Feishu/email credentials, and confirm cron schedules and notification recipients.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The manual trigger example uses a very broad natural-language phrase ('帮我看看今天有什么新产品发布') that could easily match ordinary conversation and cause the skill to run unintentionally. Because this skill aggregates external sources and can generate/push summaries, accidental invocation may lead to unwanted network access, data processing, or notifications.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill configuration shows external aggregation and notification delivery to channels like Feishu and email, but the skill description does not clearly warn users that content may be fetched from third-party sources and then pushed outward. This lack of disclosure increases the risk of users triggering external data flows or outbound messages without informed consent, which is more concerning in a workflow that includes automated notification distribution.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The example demonstrates configuring an automated daily push to a Feishu group, which is an outbound action affecting an external communication channel, but it provides no warning, consent check, or indication of downstream impact. In an agent skill context, normalizing automatic external messaging without guardrails can lead to unintended disclosure, spam, or misuse if users or downstream systems treat the example as safe-by-default behavior.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The API example shows use of a bearer token and delivery to Feishu, but omits any guidance on secure token handling, secret storage, or the fact that request contents may be transmitted to external services. This can encourage insecure copy/paste practices and external data sharing without adequate awareness, increasing the chance of credential exposure or unintended data egress.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The workflow exposes a webhook trigger at a fixed endpoint but the manifest shows no authentication, signature validation, source restriction, or other invocation controls. In this context, an unauthenticated caller could trigger external aggregation and downstream notification behavior, causing abuse, alert spam, or unintended operational activity.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal