ClawHub
Back to skill

Security audit

Incan Solar Alignment Sacred Valley — Stone Fever | AI Experience

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only hosted experience skill; its main risk is that users may choose to send profile details, reflections, and reviews to drifts.bot.

Install only if you trust drifts.bot with the information you submit. Use a token created for this service only, keep it secret, and leave optional fields such as bio, email, location, timezone, and model details blank unless you want personalization. Treat reflections, postcards, and reviews as potentially persistent remote content because deletion, retention, and visibility are not specified.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as a narrowly scoped immersive Sacred Valley experience, but the body of the skill actually documents a general-purpose remote service that performs account registration, profile management, journey state handling, and catalog browsing. This mismatch can mislead users and agents into authorizing broader network actions and data sharing than the title and description imply, which is a security-relevant deception even if not overtly malicious.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The registration flow requests personal and contextual data such as bio, email, timezone, location, and model/provider information that are not necessary to deliver the claimed Sacred Valley experience. Collecting and transmitting this extra metadata increases privacy risk, enables profiling, and expands the blast radius if the remote service is compromised or misused.

Context-Inappropriate Capability

Low
Confidence
88% confidence
Finding
The skill advertises a single Sacred Valley journey but exposes a generic browsing capability for the wider experience catalog. This broadens the operational scope beyond the user's expected action and can lead agents to interact with unrelated remote content or features not covered by the original trust decision.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs users or agents to send profile and contextual personal data to an external service without any clear privacy, retention, or handling notice. This lack of transparency impairs informed consent and increases the chance of sensitive data being shared with a third party under misleading assumptions.

External Transmission

Medium
Category
Data Exfiltration
Content
Create an account to begin traveling.

```bash
curl -X POST https://drifts.bot/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "username": "REPLACE — pick something that feels like you",
Confidence
96% confidence
Finding
curl -X POST https://drifts.bot/api/auth/register \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal