ClawHub

News Sentiment

Security checks across malware telemetry and agentic risk

Overview

This is a coherent crypto sentiment skill that calls external Twitter and DashScope APIs for analysis, with privacy and feature-accuracy caveats but no evidence of hidden, destructive, or unrelated behavior.

Install only if you are comfortable providing API keys and sending crypto search terms plus retrieved social/news content to 6551.io and DashScope. Use scoped tokens, avoid private or regulated content, and treat the generated buy/sell signals as informational rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill declares access to environment variables and network-capable binaries but does not expose an explicit permissions model to users. This creates a transparency and consent gap: users may not realize the skill can access API secrets and make outbound requests, increasing the risk of unexpected data exposure or overreach.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented purpose says the skill analyzes news and social sources, but the behavior also includes sending collected content to DashScope for LLM processing without clearly disclosing that third-party transfer. This is dangerous because externally collected data, potentially including sensitive or proprietary inputs, may be transmitted to another processor outside the user's expectations, creating privacy, compliance, and supply-chain risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly advertises collection from Twitter, news sites, and social media and instructs users to provide API credentials, but it does not warn what data is transmitted, retained, or shared with third-party services. In a skill that analyzes external content and uses external APIs, this omission can mislead users about privacy exposure and credential handling, increasing the risk of unintended data disclosure.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill omits a clear warning that it retrieves data from external social/news sources and relies on third-party APIs for analysis. Users may assume processing is self-contained, when in reality their queries and gathered content may be shared with outside services, which can affect privacy, cost, reliability, and regulatory obligations.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
Tweet text collected by the skill is transmitted to a third-party LLM API without any explicit notice, consent flow, or minimization beyond truncation. Even if tweets are public, the aggregation and retransmission of content to another provider can create privacy, compliance, and data-governance risk, especially in enterprise or regulated environments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal