Toxicity Structure Alert

Security checks across malware telemetry and agentic risk

Overview

This is a local chemistry screening skill with documentation and dependency hygiene issues, but no evidence of hidden data access, exfiltration, persistence, or destructive behavior.

Use this only for chemical structure inputs such as SMILES/SMARTS, not clinical narratives or general documents. Install it in an isolated Python environment, prefer a trusted RDKit source, and pin or remove the listed dependencies before production use. Treat results as screening signals that require expert toxicology validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Intent-Code Divergence

Medium
Confidence: 92%
Finding: The audit-ready command uses clinical free text as the --input even though the skill is explicitly for molecular structure scanning with SMILES/SMARTS. This creates scope confusion and can cause the skill to be invoked on inappropriate sensitive text, increasing the chance of mishandling medical content, invalid analysis, or downstream misuse of outputs.

Vague Triggers

Medium
Confidence: 88%
Finding: The trigger description says the skill can be used for broad 'data analysis tasks,' which weakens scope boundaries for a tool that should only assess molecular toxicophores. Overbroad routing language can cause unintended invocation on unrelated or sensitive datasets, leading to incorrect outputs and increasing prompt/instruction confusion.

Unpinned Dependencies

Low
Category: Supply Chain
Content:
  dataclasses
  enum
  rdkit
Confidence: 96%
Finding: dataclasses

Unpinned Dependencies

Low
Category: Supply Chain
Content:
  dataclasses
  enum
  rdkit
Confidence: 98%
Finding: enum

Unpinned Dependencies

Low
Category: Supply Chain
Content:
  dataclasses
  enum
  rdkit
Confidence: 99%
Finding: rdkit

VirusTotal

66/66 vendors flagged this skill as clean.
