Cricket Live Score

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cricket score notifier that sends user-requested updates to Telegram, with credential and background-process risks users should understand.

Install only if you want recurring cricket updates sent to a Telegram chat. Use a dedicated Telegram bot token, verify the chat ID and Cricbuzz URL, prefer passing the token explicitly, and know how to stop the background process. Avoid voice mode unless you are comfortable with gTTS generating audio and the result being sent through Telegram.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Low
Confidence: 85%
Finding
The SSRF protection is weaker than the comment claims: any hostname ending in cricbuzz.com is allowed, which includes attacker-controlled subdomains if such a subdomain can be created or delegated. The script could therefore be induced to fetch attacker-hosted content under a permitted suffix, which matters in an automation context that runs repeatedly and parses remote responses.
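To make the finding concrete, here is an added example (not the skill's own code) that places a suffix check of the kind described beside an exact-host allowlist. The weak check is a reconstruction of the behaviour the finding reports, not the skill's actual implementation; the allowed host names, the HTTPS-only requirement and every sample URL are assumptions constructed for the example. Note that a bare suffix match without a dot boundary also accepts look-alike registrable domains, which is a property of the reconstructed check rather than a claim about the skill.

```python
from urllib.parse import urlsplit

# Exact hosts the notifier is meant to fetch from. Assumed for this example;
# the page only says that the cricbuzz.com suffix is accepted.
ALLOWED_HOSTS = frozenset({"cricbuzz.com", "www.cricbuzz.com"})


def is_allowed_weak(url: str) -> bool:
    """Suffix check of the kind the finding describes (reconstruction, not the
    skill's code): any hostname that ends in 'cricbuzz.com' passes, so a
    subdomain an attacker can create or have delegated is accepted, and so is
    a look-alike domain such as notcricbuzz.com, because there is no dot
    boundary."""
    host = urlsplit(url).hostname or ""
    return host.endswith("cricbuzz.com")


def is_allowed_strict(url: str) -> bool:
    """Exact-host allowlist plus scheme, port and userinfo checks.

    Rejects subdomains, look-alike domains, plaintext http, non-standard ports
    and 'user@host' tricks. urlsplit() already lowercases .hostname.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    if parts.username is not None or parts.password is not None:
        return False
    if parts.port not in (None, 443):
        return False
    host = parts.hostname or ""
    return host in ALLOWED_HOSTS


# Constructed sample URLs, labelled with the behaviour each one probes.
SAMPLE_URLS = {
    "https://www.cricbuzz.com/live-cricket-scores/1": "legitimate score page",
    "https://attacker.cricbuzz.com/feed": "attacker-controlled subdomain",
    "https://notcricbuzz.com/feed": "look-alike domain sharing the suffix",
    "http://www.cricbuzz.com/feed": "plaintext scheme",
    "https://www.cricbuzz.com:8443/feed": "non-standard port",
}


def compare(urls=SAMPLE_URLS):
    """Return {url: (weak_verdict, strict_verdict)} for the sample set."""
    return {u: (is_allowed_weak(u), is_allowed_strict(u)) for u in urls}


if __name__ == "__main__":
    for url, why in SAMPLE_URLS.items():
        weak, strict = compare()[url]
        print(f"{why:40} weak={weak!s:5} strict={strict!s:5} {url}")
```

The strict version is what a notifier that only ever needs a handful of known pages should use; a suffix allowlist is only appropriate when the suffix is a zone that nobody else can obtain names under, which is not something the script can verify at runtime.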

Vague Triggers

Severity: Medium
Confidence: 83%
Finding
The activation guidance is broad enough that a general sports-related request could trigger the skill without the user explicitly asking to send messages or use Telegram. Because this skill performs external actions and background monitoring, ambiguous triggering increases the risk of unintended outbound messaging and persistent execution.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The skill description omits a prominent warning that it sends data to third-party services and may automatically use stored credentials from environment variables or local config. This can surprise users and agents into transmitting match selections and messages via Telegram using existing bot tokens without explicit awareness.
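The overview's advice to pass the token explicitly, and this finding's point about silent use of stored credentials, come down to one rule: a bot token should be picked up from the environment only when the caller opts in, and the source should be reported before anything is sent. The following is an added example (not the skill's own code) of that rule; the environment variable name TELEGRAM_BOT_TOKEN and the shape of the warning text are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Mapping, Optional

# Assumed variable name; the page does not say which variable the skill reads.
DEFAULT_ENV_VAR = "TELEGRAM_BOT_TOKEN"


@dataclass(frozen=True)
class TokenResolution:
    token: str
    source: str  # "explicit" or "env:<VARIABLE>"

    def redacted(self) -> str:
        """Keep only the part before the first ':' (the numeric bot id in
        Telegram's token layout) so logs and warnings never carry the secret."""
        head, sep, _ = self.token.partition(":")
        return f"{head}:***" if sep else "***"


def resolve_bot_token(
    explicit: Optional[str],
    env: Mapping[str, str],
    *,
    allow_env: bool = False,
    env_var: str = DEFAULT_ENV_VAR,
) -> Optional[TokenResolution]:
    """Prefer an explicitly supplied token. Fall back to the environment only
    when allow_env is True. Return None when neither is available so the
    caller can stop instead of sending with credentials it never chose."""
    if explicit:
        return TokenResolution(explicit, "explicit")
    if allow_env and env.get(env_var):
        return TokenResolution(env[env_var], f"env:{env_var}")
    return None


def send_warning(resolution: Optional[TokenResolution]) -> str:
    """The notice a user or agent should see before the first message goes
    out; the wording is an assumption for this example."""
    if resolution is None:
        return (
            "No Telegram bot token supplied. Pass one explicitly or opt in to "
            f"reading {DEFAULT_ENV_VAR}; nothing will be sent."
        )
    return (
        f"About to send match updates to Telegram using bot {resolution.redacted()} "
        f"(token source: {resolution.source})."
    )


if __name__ == "__main__":
    # Constructed environment; the token value is a placeholder, not a real secret.
    fake_env = {DEFAULT_ENV_VAR: "123456:placeholder-secret"}
    print(send_warning(resolve_bot_token(None, fake_env)))
    print(send_warning(resolve_bot_token(None, fake_env, allow_env=True)))
    print(send_warning(resolve_bot_token("987654:explicit-placeholder", fake_env)))
```

With the default allow_env=False, an agent that triggers the skill from a vague sports request cannot quietly reuse a token that happens to be present in its environment; it has to surface the choice to the user first.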

VirusTotal

65/65 vendors flagged this skill as clean.
