ClawHub

MONK-EYE Engine

Security checks across malware telemetry and agentic risk

Overview

The skill is not destructive, but it materially overstates what it does and has brittle hard-coded local dependencies that users should review before installing.

Review this before installing. Treat any MONK-EYE report as untrusted unless it includes real, verifiable source URLs and evidence. Prefer fixing the hard-coded paths to use bundled files, requiring explicit source/language/depth limits, and replacing fabricated progress/completion claims with measured results.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The code emits claims about 'deep crawling' and 'following internal links to private documentation' even though it performs no such actions. This is deceptive behavior: users, operators, or downstream agents could rely on fabricated research coverage and make decisions based on false assurances, which is a security-relevant integrity issue in an agent skill.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The skill reports '1M+ tokens' analyzed, 'ultimate Strategic Dossier' creation, and 'Millions of data points processed' despite only printing fixed strings. In an agent context, fabricated analytical claims can mislead users into trusting nonexistent work product, causing unsafe automation decisions and masking failure or non-performance.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The invocation phrase is broad enough that ordinary research-style prompts could unintentionally trigger the skill, causing the agent to perform expansive forum scraping without the user clearly intending that behavior. In this skill, that risk is heightened by the described "infiltration" and recursive scanning model, which can lead to unexpected external access, privacy exposure, or policy-violating collection behavior.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The description prominently advertises deep, recursive scanning across hundreds of forums and multiple regions/languages, but does not warn users that their requests may cause extensive external data collection and broad outbound access. This omission undermines informed consent and can expose users or operators to privacy, compliance, and operational risks, especially given the skill's emphasis on niche forums and large-scale intelligence gathering.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal