Clawfeed

Security checks across malware telemetry and agentic risk

Overview

ClawFeed looks like a real news digest tool, but its documentation gives unclear and conflicting information about access control for APIs that can change server state.

Review before installing or exposing this service. Confirm from the actual source code that all write and configuration endpoints require authentication or an API key, keep the API off the public internet until that is verified, and install only from a trusted source that includes the missing package and server files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The documentation states the tool runs in "read-only mode with zero credentials," but later describes unauthenticated write-capable endpoints such as POST /api/digests and PUT /api/config. This kind of contradiction can mislead operators into deploying the service with weaker controls than intended, increasing the chance of unauthorized modification or abuse.

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The credential table says API_KEY protects the digest creation endpoint, but the API endpoint table marks POST /api/digests with no auth requirement. Conflicting security guidance can cause administrators and users to assume the endpoint is protected when it may be exposed, enabling unauthorized content creation or service misuse.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documented API includes multiple write-capable operations, but the skill does not provide a prominent warning that these endpoints can modify server state. In the context of an agent skill, understated modification risk increases the chance that users or automation will treat the service as safe/read-only and inadvertently expose writable functionality.

VirusTotal

64/64 vendors flagged this skill as clean.
