ClawHub

Etl

Security checks across malware telemetry and agentic risk

Overview

This skill is an offline ETL activity logger that saves what users type into local plaintext files, so the main risk is accidentally recording sensitive data.

Install only if you want a local plaintext ETL activity log. Do not enter credentials, tokens, full connection strings, PII, or confidential SQL unless you are comfortable storing them under ~/.local/share/etl; review or delete that directory and generated export files as needed. Static scan was clean and VirusTotal was pending, so the verdict rests on artifact behavior rather than malware telemetry.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High
Confidence
89% confidence
Finding
The advertised ETL commands do not perform ETL work and instead persistently record raw user input to local log files under ~/.local/share/etl. In a skill context, users may provide dataset names, connection strings, SQL, file paths, or other sensitive operational data expecting processing, not storage, creating an undisclosed data-retention risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to log ETL inputs, queries, schemas, validation results, and pipeline details into persistent plain-text files under the user's home directory, without warning that these may contain credentials, PII, proprietary SQL, or internal dataset metadata. In ETL contexts, such inputs often include sensitive operational and business data, so routine use can create an unintended local data exposure surface.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script stores user-provided input verbatim in persistent log files without clear disclosure in the interface. Because users of an ETL tool may paste credentials, internal paths, SQL, schema details, or proprietary data fragments, this creates a privacy and sensitive-data exposure risk on the local system.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill normalizes retention of all ETL-related inputs in searchable, exportable plain-text logs, increasing the chance that sensitive user-provided data is later exposed through normal commands like search, recent, stats, or export. Because ETL workflows commonly touch production data descriptors, SQL, schema details, and validation outputs, this design materially raises confidentiality risk even without network access.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal