Account Handoff Builder

Security checks across malware telemetry and agentic risk

Overview

This is a local customer handoff draft builder with disclosed Python file input/output and no evidence of networking, credential use, background persistence, or destructive behavior.

Use this for local, review-first customer handoff drafts. Run the Python helper only on intended handoff materials, choose output paths deliberately, and avoid unnecessary personal or confidential customer data. Do not edit the bundled spec to enable dormant audit/scanning modes unless you intentionally want that local inspection behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3 (Medium)
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill advertises no explicit permissions, yet its instructions include shell execution via python3 and imply reading local resources and writing output files. This creates a hidden capability boundary: a caller or platform may treat the skill as low-risk while it can actually access files and invoke an interpreter, increasing the chance of unintended data access or command execution.

Tp4 (High)
Category: MCP Tool Poisoning
Confidence: 84%
Finding: The declared purpose is a narrow handoff-document generator, but the detected behavior suggests broader filesystem inspection, content analysis, and generic audit/scanning modes. That mismatch is dangerous because users may provide sensitive workspace access under the assumption of limited business-document processing, while the skill can enumerate unrelated files and perform broader analysis than expected.

VirusTotal

63/63 vendors flagged this skill as clean.
