Scan Code

Security checks across malware telemetry and agentic risk

Overview

This is a real API-based code security scanner, but it sends code and possible secrets to an external service and stores the API key locally with limited user controls.

Install only if you are comfortable sending scanned code, possible embedded secrets, and compliance context to the xiaobenyang MCP API. Do not use it on private repositories, regulated data, or real credentials unless you have reviewed that service's privacy and retention terms, and keep the saved .env API key out of source control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Intent-Code Divergence (Medium, 86% confidence)

The workflow includes an unrelated example function for school search, which contradicts the stated purpose of a code-security scanning skill. This kind of identity and routing inconsistency can cause the agent to invoke the wrong tools or mishandle user input, increasing the risk of unintended data disclosure or unsafe behavior.

Intent-Code Divergence (Low, 82% confidence)

The project structure references a gaokao-related directory name that does not match the manifest's declared identity as a code security scanner. While not directly exploitable by itself, this mismatch is a supply-chain trust and maintainability concern because it suggests the skill may be repurposed, mispackaged, or insufficiently reviewed.

Missing User Warnings (Medium, 95% confidence)

The skill instructs the agent to directly display raw API response data to the user. Because this skill processes source code, secrets, and compliance findings, raw responses may include sensitive submitted code, detected credentials, internal metadata, or verbose diagnostic content that should be filtered or redacted before display.

Missing User Warnings (Medium, 90% confidence)

The code persists a supplied API key into a local .env file automatically, without any visible confirmation, warning, or control over storage location and file permissions. In shared development environments, containers, or repositories, this increases the risk of accidental credential exposure through source control, backups, or multi-user filesystem access.

Missing User Warnings (Medium, 93% confidence)

The function forwards arbitrary user-supplied source code to an external API via call_api without any visible consent flow, disclosure, redaction, or data-classification checks in this file. Because source code may contain proprietary logic, personal data, or embedded credentials, this can cause unintended data exfiltration to a third-party service.

Missing User Warnings (Medium, 92% confidence)

This quick-scan helper sends the provided code to a remote API but does not indicate any warning, minimization, or approval mechanism. In a developer security tool, users may reasonably pass sensitive unreleased code for scanning, so silent transmission increases confidentiality and compliance risk.

Missing User Warnings (High, 97% confidence)

The secret-detection function is especially risky because it is designed to process code that may already contain API keys, tokens, or credentials, then sends that content to an external API. That creates a direct path for high-value secrets to leave the local environment, making the skill context more dangerous than a generic code-analysis feature.

Missing User Warnings (Medium, 91% confidence)

The compliance check transmits source code and related security/compliance context to an external API without visible disclosure in this file. Compliance reviews often involve regulated or sensitive material, so undisclosed transfer can itself create policy, privacy, or contractual issues.
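The .env persistence finding and the secret-detection finding above describe two local safeguards the skill lacks: stripping credentials from code before it is submitted, and storing the service key only with the user's consent and owner-only permissions. The Python below is an added example, not code from the Scan Code skill or the xiaobenyang MCP API. The pattern list is an illustrative subset, and the SAMPLE_CODE input, the SCAN_API_KEY variable name, the confirm callback, and the sibling-only .gitignore check are all assumptions made for the example.

```python
"""Added example: two local safeguards a code-scanning skill should apply
before code or a service API key leaves the machine. Not the Scan Code
skill's own code; names and patterns are assumptions."""
from __future__ import annotations

import os
import re
import stat
import tempfile
from pathlib import Path
from typing import Callable

# Illustrative subset of credential shapes (assumption, not a full ruleset).
# The assigned-value rule excludes '<' so a value already replaced by an
# earlier rule is not matched a second time.
SECRET_PATTERNS = [
    ("aws_access_key_id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("github_token", re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b")),
    ("private_key_block", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.DOTALL)),
    ("assigned_secret", re.compile(
        r"(?i)\b((?:api[_-]?key|secret|token|password)\s*[:=]\s*['\"])"
        r"([^'\"<>]{8,})(['\"])")),
]

# Constructed sample input; AKIAIOSFODNN7EXAMPLE is the documented AWS
# placeholder key, not a live credential.
SAMPLE_CODE = '''\
import requests
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
api_key = "sk-live-0123456789abcdef"

def fetch():
    return requests.get("https://example.invalid/", headers={"X-Key": api_key})
'''


def redact_secrets(code: str) -> tuple[str, list[str]]:
    """Return (redacted_code, kinds_found). Only the redacted text is safe to
    forward to a remote scanner; the matched values never leave the process."""
    found: list[str] = []
    for kind, pattern in SECRET_PATTERNS:
        def _sub(m: re.Match, kind: str = kind) -> str:
            found.append(kind)
            if m.lastindex:  # keep the variable name, replace only the value
                return f"{m.group(1)}<REDACTED:{kind}>{m.group(3)}"
            return f"<REDACTED:{kind}>"
        code = pattern.sub(_sub, code)
    return code, found


def save_api_key(api_key: str, env_path: Path,
                 confirm: Callable[[str], bool]) -> dict:
    """Persist the key only after explicit confirmation, write it owner-only
    (0600) via temp file + atomic rename, and report whether .env is listed
    in a .gitignore next to it (simplification: a real check would walk up
    to the repository root or ask `git check-ignore`)."""
    env_path = Path(env_path)
    prompt = (f"Store the scanner API key in {env_path} (mode 0600)? "
              "It will be sent with every scan.")
    if not confirm(prompt):
        return {"written": False, "reason": "declined"}
    env_path.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=env_path.parent, prefix=".env.")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(f"SCAN_API_KEY={api_key}\n")  # variable name is assumed
        os.chmod(tmp, stat.S_IRUSR | stat.S_IWUSR)  # 0600: owner only
        os.replace(tmp, env_path)  # atomic swap into place
    finally:
        if os.path.exists(tmp):
            os.unlink(tmp)
    gitignore = env_path.parent / ".gitignore"
    ignored = gitignore.exists() and any(
        line.strip() in (".env", "/.env", "*.env")
        for line in gitignore.read_text().splitlines())
    return {"written": True,
            "mode": stat.S_IMODE(env_path.stat().st_mode),
            "gitignored": bool(ignored)}


def demo() -> dict:
    """Run both safeguards on the constructed inputs in a scratch directory."""
    redacted, kinds = redact_secrets(SAMPLE_CODE)
    scratch = Path(tempfile.mkdtemp())
    declined = save_api_key("example-key", scratch / ".env", lambda _: False)
    unguarded = save_api_key("example-key", scratch / ".env", lambda _: True)
    (scratch / ".gitignore").write_text(".env\n")
    guarded = save_api_key("example-key", scratch / ".env", lambda _: True)
    return {"redacted": redacted, "kinds": kinds, "declined": declined,
            "unguarded": unguarded, "guarded": guarded}


if __name__ == "__main__":
    print(demo()["redacted"])
```

Regex redaction is a floor, not a ceiling: it will miss credentials that do not match a known shape, so the stronger control is still to refuse to send code that the user has not explicitly classified as shareable. The key-storage routine returns what it did (mode, whether .env is ignored) precisely so the calling skill can surface that to the user instead of writing silently.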

VirusTotal

VirusTotal findings are pending for this skill version.
