Data Retention Mapper

Security checks across malware telemetry and agentic risk

Overview

This skill locally turns supplied data-retention notes into a reviewable report; some unused audit code is present but not active in the shipped configuration.

Install only if you are comfortable running a local Python helper on the files you choose. Provide intended retention/governance inputs, redact sensitive inventories when practical, review the generated report before sharing it, and avoid modifying the bundled spec to enable the dormant audit modes unless you intentionally want that broader inspection.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration

Findings (6)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding
The skill advertises and documents executable capabilities (`python3` and optional shell/exec use) plus file input/output behavior, but does not declare corresponding permissions. This creates a trust and policy-enforcement gap: an orchestrator or reviewer may treat the skill as lower risk than it really is, while the skill can still read local resources, write outputs, and invoke code paths that touch the filesystem or shell.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 98%
Finding
A description-behavior mismatch is security-relevant because it can disguise a general-purpose auditing/scanning tool as a narrow data-retention helper. If the underlying implementation can scan directories, parse diverse files, inspect Skill metadata, and perform high-risk pattern detection beyond the stated purpose, users may expose broader local data than intended and defenders may under-classify the skill's risk.

Description-Behavior Mismatch

High
Confidence: 90%
Finding
The dispatcher supports multiple generic audit modes that go well beyond the advertised data-retention mapping purpose. This kind of scope mismatch is dangerous because it enables broader filesystem analysis and reporting than users would reasonably expect from the skill description, increasing the risk of unintended data discovery or misuse under misleading cover.

Description-Behavior Mismatch

High
Confidence: 92%
Finding
The built-in pattern scanner looks for secrets, internal URLs, and shell-execution indicators, which are unrelated to retention mapping and can expose sensitive operational details from arbitrary files. In the context of a governance/privacy skill, this hidden capability is especially risky because users may provide sensitive repositories or directories expecting compliance summarization, not code/security reconnaissance.

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
The skill-package audit logic inspects repository structure and frontmatter for another skill package, which is unrelated to data-retention analysis. While not directly exploitative by itself, it creates undisclosed cross-purpose inspection capability that broadens what the tool can analyze and may cause users to reveal internal package contents under a misleading trust model.

Context-Inappropriate Capability

Medium
Confidence: 87%
Finding
The directory inventory functionality recursively enumerates files, extensions, and Markdown headings from arbitrary directories, which exceeds what is necessary for a retention mapper and can surface sensitive project structure information. In a privacy/governance context, this mismatch is more dangerous because users may trust the tool with broad directory access assuming narrow compliance-oriented processing.

VirusTotal

63/63 vendors flagged this skill as clean.
