AI行业早报

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly documented daily AI-news briefing that automatically posts to a configured enterprise messaging channel.

Before installing, confirm the target messaging channel and recipients, use a test channel first, and disable or edit the cron job if you only want manual reports. Do not include sensitive internal prompts or private data in the news-gathering workflow unless your search and messaging providers are approved for that use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding: The README explicitly describes automatic delivery of generated content through external messaging channels such as Enterprise WeChat or QQ, but provides no warning, consent flow, or controls around outbound transmission. In a scheduled skill, this can cause unintended disclosure of generated summaries, prompts, or sensitive contextual data to third-party services, especially if the skill later incorporates private sources or user data.

Vague Triggers

Medium
Confidence: 91%
Finding: The manual trigger description is overly broad and does not define clear invocation conditions, authorized users, or expected parameters. In a skill that can fetch external data and send outbound messages, ambiguous triggering increases the chance of accidental execution, misuse by unintended callers, or abuse to generate and distribute content without sufficient verification of user intent.

Missing User Warnings

Medium
Confidence: 96%
Finding: The skill performs scheduled automatic outbound messaging but does not clearly warn the user about autonomous external delivery, recipients, or operational effects. This is dangerous because it can cause unintended data sharing, spam-like behavior, or repeated dissemination of unreviewed content through enterprise channels without informed consent or approval.

VirusTotal

63/63 vendors flagged this skill as clean.