LLM Provider Forensics

Security checks across malware telemetry and agentic risk

Overview

This is a coherent LLM endpoint forensics tool that uses configured API keys and provider probes as expected, with no hidden persistence, exfiltration, or destructive behavior found.

Install only if you intend to test LLM provider endpoints. Before running it, verify the config path, selected provider names, model ID, and whether --deep is needed, because it will use provider API keys, send test prompts to external services, and may consume quota or create provider-side logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill instructs the agent to read local reference files and perform live provider probing over the network, yet it declares no permissions. This creates a capability/permission mismatch that can bypass operator expectations and policy controls, especially because the skill is designed to contact external LLM endpoints and inspect local configuration files during forensic testing.

Ssd 2

Medium
Confidence: 95%
Finding: The deep test suite includes a prompt requesting instructions to bypass a commercial website paywall, which solicits assistance for circumvention of access controls. Because the tool automatically sends this prompt to configured providers, it can generate or transmit misuse-oriented content during normal operation and may violate policy, trigger provider sanctions, or create compliance and reputational risk.

VirusTotal

65/65 vendors flagged this skill as clean.
