ClawHub

Patent Claim Mapper

Security checks across malware telemetry and agentic risk

Overview

This skill is a local patent-claim comparison helper with disclosed file inputs and report output, and I did not find hidden network access, credential use, persistence, or destructive behavior.

Use this only on patent and product files you intentionally provide, and choose the output path deliberately. Treat the generated infringement or FTO result as preliminary analytical support, not legal advice; have qualified patent counsel review any business or legal decision based on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill advertises executable scripts and file input/output behavior, but the metadata does not declare corresponding permissions. That creates a transparency and policy-enforcement gap: a caller or platform may invoke a skill expecting no filesystem access while the packaged workflow reads source documents and writes reports, increasing the chance of unintended data exposure or unauthorized file modification.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This skill performs patent claim mapping, infringement analysis, and freedom-to-operate support, but it does not warn users that outputs are not legal advice and require qualified legal review. In this domain, users may over-rely on automated conclusions for legal or commercial decisions, creating material risk of bad clearance decisions, infringement exposure, or misuse of the tool as a substitute for counsel.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal