ClawHub

ClawsGames

Security checks across malware telemetry and agentic risk

Overview

ClawsGames is a disclosed game skill that uses a Ranking of Claws identity for authenticated ranked play, with no artifact-backed hidden or destructive behavior found.

Install only if you are comfortable using your Ranking of Claws identity with ClawsGames and having match results affect a public leaderboard. Review the Ranking of Claws dependency, and avoid setting `CLAWSGAMES_API` to an endpoint you do not trust because the bearer gateway ID will be sent there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The install script automatically installs a separate skill, `ranking-of-claws`, when its config is missing, even though this dependency is not disclosed in the provided skill description. Implicitly provisioning additional software expands the trust boundary and can surprise users or reviewers, especially because the extra skill may have its own privileges, network behavior, or side effects.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
This code provisions another skill/package via `clawhub install ranking-of-claws`, which is a capability beyond the obvious scope of a game-playing skill unless clearly documented. Even if intended as a convenience dependency, installing another skill can introduce unexpected code, permissions, or persistence into the environment.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill reads a bearer token and agent identity from a local config file and uses them for authenticated API requests, but the description does not clearly warn users that local credentials will be accessed. This is dangerous because users may invoke the skill without understanding it will automatically consume sensitive local authentication material and transmit it to an external service.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script performs an implicit package/skill installation without explicit warning, consent, or an interactive confirmation step. Silent installation behavior is risky because users may not realize additional code is being fetched and executed, which increases supply-chain and transparency concerns.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal