Buffer Calculator

Security checks across malware telemetry and agentic risk

Overview

This buffer-calculator skill needs review because its permissions and safety claims do not line up, and its script appears to produce dangerously inflated reagent amounts.

Review before installing. If used at all, remove or constrain Write/Edit unless you explicitly need generated files, and do not rely on its lab calculations without independent validation because the included script appears to produce severely incorrect masses.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The skill metadata grants Read, Write, Bash, and Edit, but the documentation later states there is 'No file access.' That mismatch is security-relevant because users and downstream systems may rely on the documentation to assess risk, while the actual granted capabilities permit file modification and command execution. In an agent setting, misleading capability disclosure increases the chance of unsafe invocation and weak oversight.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
Write and Edit permissions are not justified by a calculator-oriented skill whose primary function is to compute recipes and present instructions. These capabilities allow modification of local files and generated artifacts, creating unnecessary risk of tampering with notebooks, configs, or unrelated workspace content if the skill is misused or chained into a broader workflow.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
Write and Edit permissions are not justified by a calculator-oriented skill whose primary function is to compute recipes and present instructions. These capabilities allow modification of local files and generated artifacts, creating unnecessary risk of tampering with notebooks, configs, or unrelated workspace content if the skill is misused or chained into a broader workflow.

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The manifest presents the skill as a calculation and instruction assistant, yet the declared tooling enables broader behaviors such as shell execution and file modification. This capability-purpose mismatch is dangerous because trust decisions are often based on the stated skill role, while the effective permissions would let the skill act far beyond that role if abused.

VirusTotal

66/66 vendors flagged this skill as clean.
