ClawHub

Farmos Marketing

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended for FarmOS marketing reporting, but it gives agents broad access paths to sensitive farm business data without enough scoping or handling guidance.

Install only in a controlled FarmOS environment. Confirm that the unauthenticated integration endpoints are intentionally exposed, restrict use to authorized manager/admin users, avoid logging or sharing bearer tokens, and prefer a least-privilege read-only token flow before allowing general agents to use this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
87% confidence
Finding
The skill states that the team agent's marketing access is 'read-only and logistics-scoped,' but elsewhere documents manager/admin access to broad protected marketing and revenue endpoints. This mismatch can mislead operators or downstream agents into underestimating the sensitivity and scope of accessible data, increasing the chance of inappropriate disclosure or overbroad use of privileged endpoints.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The authentication section instructs how to obtain and use bearer tokens for protected marketing endpoints but does not clearly label the accessed data as sensitive financial/business information or warn against exposing tokens and query results. In a skill that covers contracts, inventory, deliveries, settlements, and revenue, missing sensitivity warnings can lead to casual handling of credentials or over-sharing of confidential data.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal