Home Lab Ops Log

Security checks across malware telemetry and agentic risk

Overview

This is a local homelab change-log formatter; its active configuration is coherent, but users should treat the bundled Python script as local code that can read chosen inputs and write chosen outputs.

Install only if you are comfortable running a bundled Python helper locally. Use it on intended change-log inputs, review the output path before writing, and redact sensitive hostnames, tokens, passwords, or private infrastructure details before feeding them into generated logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding
The skill declares no permissions, yet its instructions explicitly allow invoking `python3` and imply reading local resources and producing output files, which creates shell, file-read, and file-write capability without transparent declaration. This is dangerous because users or host frameworks may trust the frontmatter to reflect the skill's runtime power, leading to under-scoped review and unexpected local file or command access.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The script implements broad directory auditing, CSV inspection, regex-based pattern scanning, and skill-package validation functions that materially exceed the stated purpose of a homelab ops-change logging skill. This scope expansion increases the chance of collecting and exposing unrelated local file contents or metadata, especially when run on arbitrary directories supplied by the user.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The built-in regex patterns search for secrets, private/internal URLs, and risky shell snippets in arbitrary files, which is not justified by the declared logging use case. In context, this creates a data-discovery capability that can surface sensitive infrastructure details from local repositories and then print them into reports, increasing disclosure risk even though one pattern partially masks some secret-like matches.

VirusTotal

65/65 vendors flagged this skill as clean.
