Skill Market Fit Ranker

Security checks across malware telemetry and agentic risk

Overview

This skill is a local market-fit ranking helper with a disclosed Python script, and the reviewed artifacts do not show hidden network access, credential use, destructive actions, or persistence.

Install only if you are comfortable running a local Python helper from this publisher. Use it on intended input files, avoid feeding sensitive private material unless necessary, prefer dry-run/stdout first, and review the generated ranking before using it for publishing or roadmap decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill declares no permissions, yet its instructions explicitly permit running `python3` and reading local resources while also writing output files. This creates a capability/permission mismatch that can mislead users and any policy layer about what the skill may access or modify, increasing the chance of unintended local file access or shell execution.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 94%
Finding
The stated purpose is simple prioritization/ranking, but the detected behavior includes directory scanning, regex-based inspection for secrets or private URLs, structure auditing, spec-driven mode switching, and writing audit reports. That broader behavior materially expands the attack surface and could be used to inspect unrelated local content or produce outputs beyond the user’s expected scope, which is especially risky in a user-invocable skill.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases shown in the README are short, generic everyday requests like '帮我给这批 skill 排序' ("help me rank this batch of skills") and '综合高频和传播性' ("combine high frequency and shareability"), which are broad enough to match normal conversation outside a deliberate invocation context. This can cause unintended routing to the skill, leading to incorrect task selection, misleading outputs, or accidental processing of user content under the wrong workflow.

VirusTotal

64/64 vendors flagged this skill as clean.
