TrendAI Vision One Threat Intelligence

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it connects to TrendAI Vision One for threat intelligence lookups and includes a clearly disclosed command that can add block-list entries.

Install only with a least-privilege Vision One API key. Use view-only Threat Intelligence permissions for lookup/feed/report/hunt workflows, and grant configure/write permission only if you intentionally want the agent to add suspicious objects that may block or log production traffic.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding:
The skill declares required environment variables and invokes a Python script that can read local reference files, write or modify remote state via the Vision One API, and perform network access, but it does not declare corresponding permissions. This creates a trust and enforcement gap: an agent or reviewer may treat the skill as lower-risk than it is, while the skill can access secrets and perform external actions, including the write-capable 'suspicious add' operation.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The documentation describes destructive threat-intel operations such as adding blocklist entries and deleting suspicious objects/exception items without warning about operational impact, authorization requirements, confirmation, or rollback considerations. In a security-agent skill, this can lead an autonomous or inattentive user to modify enforcement lists and disrupt legitimate traffic or remove protections based solely on documentation-driven actions.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The `suspicious add` command can submit a blocking action directly to the Vision One API using user-provided CLI arguments, with no confirmation prompt, dry-run mode, or secondary approval. In an agent context, this is more dangerous than a normal admin CLI because a misinterpreted prompt, prompt injection, or automation error could cause unintended blocking of domains, IPs, URLs, or hashes and disrupt legitimate business activity.

VirusTotal

67/67 vendors flagged this skill as clean.
