Generate Minecraft 3D build plan

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for sending Minecraft build prompts to a remote Craftsman/DeepNLP API using a user-provided API key.

Install only if you trust the DeepNLP/Craftsman service and the optional npm/pip packages. Treat the API key as a secret, avoid putting private data in prompts or image URLs, and consider pinning or reviewing third-party package versions before installing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill requires an environment variable API key and makes outbound network calls, but it does not declare permissions for those capabilities. This weakens transparency and reviewability because users and hosting platforms may not realize the skill can access secrets and transmit data externally, increasing the risk of unintended credential exposure or unreviewed data egress.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The documentation instructs users to export and use a required API key but provides no warning about treating the credential as sensitive. This can lead to unsafe handling such as hardcoding keys in scripts, terminal history leakage, screenshots, shared shell configs, or accidental inclusion in logs and repositories.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script transmits the user-provided prompt and image URLs to an external service endpoint, but it does not give a clear user-facing disclosure or explicit confirmation that this data will leave the local environment. In an agent skill context, users may assume inputs are processed locally, so prompts or referenced URLs could unintentionally expose sensitive project data, internal links, or personal information to a third party.

VirusTotal

64/64 vendors flagged this skill as clean.
