Apiclaw

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate APIClaw client, but it needs review because it sends Amazon research inputs to APIClaw and includes broader analysis and monitoring commands than the main description clearly discloses.

Review before installing if you only wanted a simple endpoint reference. This skill can spend API credits and send product keywords, ASINs, categories, and competitor or market research context to APIClaw. Prefer using APICLAW_API_KEY explicitly, avoid storing keys in shared local config files, and do not submit sensitive proprietary research unless you trust APIClaw to process it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill requires an environment secret and instructs outbound API use, but it does not declare explicit permissions despite clearly needing env access and network transmission. This weakens security review and runtime policy enforcement because a broad-scope skill can access secrets and send user-provided data to a third-party API without transparent capability declaration.

Tp4

High
Category
MCP Tool Poisoning
Confidence
81% confidence
Finding
The metadata says this skill is for general overview and endpoint/capability questions, but the content contains operational guidance for much broader automated analysis workflows and strategy presets. That mismatch can cause the agent to invoke the skill in contexts where the user did not clearly consent to deeper third-party data processing or automated multi-endpoint analysis, expanding data exposure and action scope beyond expectations.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger language includes broad phrases like general commerce data questions, which can cause over-invocation for unrelated or insufficiently scoped user requests. In a networked skill that consumes credits and may transmit user inputs externally, ambiguous routing increases the chance of unnecessary third-party disclosure and unintended API usage.

Missing User Warnings

Medium
Confidence
77% confidence
Finding
The skill silently reads an API key from a local config file in the skill directory, creating implicit credential sourcing beyond the declared environment-variable requirement. In an agent environment, undisclosed local secret discovery broadens the trust boundary and can lead to unintended use of stored credentials.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The client transmits user-supplied keywords, ASINs, categories, and derived analysis inputs to a third-party service, but the skill description does not clearly disclose the scope of outbound data sharing. In agent settings, this can cause users to expose sensitive business research terms or identifiers without informed consent.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The self-check command probes both environment variables and a home-directory config file for credentials without making that behavior prominent in the skill contract. Silent credential discovery from ~/.apiclaw/config.json increases the chance of unintentional secret use in shared or multi-tenant environments.

External Transmission

Medium
Category
Data Exfiltration
Content
## Quick Start
1. Get key: [apiclaw.io/api-keys](https://apiclaw.io/en/api-keys) (1,000 free credits)
2. `export APICLAW_API_KEY='hms_live_xxx'`
3. Base URL: `https://api.apiclaw.io/openapi/v2` — all POST with JSON body
4. Auth: `Authorization: Bearer YOUR_API_KEY`
5. New keys need 3-5s to activate. If 403, wait and retry.
Confidence
84% confidence
Finding
https://api.apiclaw.io/

VirusTotal

67/67 vendors flagged this skill as clean.
