Mintsoft

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Mintsoft API query wrapper, with an optional local token cache that users should treat as sensitive.

Prefer using a pre-issued MINTSOFT_API_KEY or environment variables instead of passing passwords on the command line. Install only if you are comfortable letting the skill read Mintsoft warehouse and order data and cache a temporary API key locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The manifest markets the skill as using only a single API key, while the documentation expands scope to username/password login and cached token reuse. This is dangerous because it undermines informed consent and may lead operators to expose primary account credentials where they expected only a scoped API secret to be used.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill metadata says it is a single API-key wrapper, but the code also supports username/password authentication and exchanges those credentials for a cached API key on disk. This expands the credential surface beyond the declared purpose, increasing the chance that a caller supplies higher-value credentials than expected and that those secrets are persisted locally.

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The code reads username and password from flags or environment variables, sends them to the remote Auth endpoint, and caches the returned token locally. For an API-wrapper skill advertised as using one API key, this is an unnecessary credential expansion that can capture and persist more sensitive account credentials than users expect.

Missing User Warnings

Medium
Confidence: 98%
Finding
Accepting passwords via command-line flags can expose credentials through shell history, process listings, job-control logs, and agent telemetry. In multi-user or monitored environments, another local user or logging system may recover the password even if the API call itself uses HTTPS.

VirusTotal

64/64 vendors flagged this skill as clean.
