Senior Frontend

Security checks across malware telemetry and agentic risk

Overview

This is a coherent frontend development skill with local generators and references; it has some copy-paste security caveats but no evidence of hidden, destructive, or exfiltrating behavior.

Install only if you are comfortable running local Python generators that create project files. Use dry-run first, review generated package.json before npm install, keep changes in version control, and do not copy the localStorage token or third-party analytics examples into production without safer auth storage, consent, CSP, and vendor review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to run local Python scripts, read project files, scaffold projects, and generate components, which implies file read/write and code-execution capabilities. However, the skill metadata declares no permissions, creating a mismatch that can lead to over-privileged or unreviewed execution in environments that rely on explicit permission declarations for safety and policy enforcement.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The example explicitly recommends loading third-party analytics and chat scripts, which causes external network requests and may expose user metadata, behavior, and page context to outside vendors. In a frontend optimization guide this is not inherently malicious, but presenting it without any privacy, consent, CSP, or vendor-trust caveats can normalize insecure integration patterns.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The Zustand example persists an authentication token to browser storage via the persist middleware, which typically uses localStorage. Tokens stored in web storage are accessible to any JavaScript running in the origin, so an XSS bug elsewhere in the app can expose credentials and enable session hijacking. In a frontend guidance document, this is especially risky because readers may copy the pattern directly into production code without understanding the tradeoff.

External Transmission

Medium
Category
Data Exfiltration
Content
{/* Load analytics after page is interactive */}
<Script
  src="https://analytics.example.com/script.js"
  strategy="afterInteractive"
/>
Confidence
87% confidence
Finding
https://analytics.example.com/

VirusTotal

47/47 vendors flagged this skill as clean.
