Real Estate Showing Brief

Security checks across malware telemetry and agentic risk

Overview

This skill is a local real-estate showing brief generator with disclosed Python/file use, though its helper script contains dormant generic audit code that users should avoid repurposing.

Install only if you want a local drafting helper for real-estate showing preparation. Use it with intended buyer/property input files, choose output paths carefully, avoid feeding unnecessary personal or sensitive client data, and do not repurpose the bundled script as a general directory or secret scanner.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares no explicit permissions, yet its instructions include use of python3 plus local file inputs/outputs, which implies shell execution and file read/write capability. This creates a transparency and least-privilege problem: users and the platform may treat the skill as low-risk while it can access or transform local data and invoke an interpreter.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The script dispatches to multiple generic audit modes such as directory, CSV, pattern, and skill-package auditing that are unrelated to a real-estate showing brief skill. This materially expands the skill's capability surface so a user or upstream system could repurpose it to inspect local files and generate reports about arbitrary directories, which is dangerous in a constrained skill context.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The code contains a generic regex-based scanner for secrets, internal URLs, and risky shell patterns over arbitrary files or directories. In a real-estate brief skill, this is out of scope and enables unintended local content inspection, which could expose sensitive material from unrelated files even if the output masks only part of some matches.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill_audit routine performs generic package structure and frontmatter compliance checks on arbitrary skill directories, which is unrelated to preparing a buyer/showing brief. This broadens the tool into a repository inspection utility and can reveal file presence, metadata structure, and package contents from local directories outside the declared use case.

VirusTotal

VirusTotal findings are pending for this skill version.
