Inverter

Security checks across malware telemetry and agentic risk

Overview

This skill is advertised as an inverter/VFD calculator, but the included script is really a local data-store utility with persistent add, delete, export, and config commands.

Review before installing. Treat this as a local note/data utility, not an inverter or VFD calculator, and do not rely on it for electrical or equipment status decisions. Avoid storing secrets or sensitive operational details because entries persist under ~/.inverter and can be exported or deleted by command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 94%
Finding
The documentation presents the skill as an inverter/VFD parameter calculator, but the described commands expose generic local data storage, search, deletion, export, and config-management behavior. This mismatch can cause an agent or user to invoke the skill under false assumptions, leading to unintended local file writes, data persistence, deletion, or export of arbitrary content.

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The skill documentation claims a domain-specific electrical tool, but the command set is effectively a generic CRUD-style local data manager. That discrepancy increases the risk of misuse by agents that may grant broader trust to a seemingly specialized skill while it actually manipulates local stored data.

Intent-Code Divergence

Medium
Confidence: 88%
Finding
The command descriptions are generic enough to support arbitrary entry management rather than inverter-specific actions, despite the skill branding implying specialized status or parameter operations. This ambiguity can mislead users and orchestrators into allowing file-modifying actions they would not expect from an inverter utility.

Description-Behavior Mismatch

High
Confidence: 97%
Finding
The implementation materially diverges from the declared purpose: instead of inverter/VFD calculations or status checking, it provides a generic local data store with add/list/search/remove/export/config capabilities. In a skill ecosystem, this kind of scope mismatch is dangerous because it can mislead users into granting trust to functionality unrelated to the advertised task, enabling unauthorized collection, persistence, and manipulation of user-provided data.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The config command allows arbitrary key/value storage and in-place modification in a local config file, which is unrelated to the stated inverter calculator/status purpose. This broadens the skill into a generic persistence mechanism and increases risk of hidden state, misuse, and user confusion about what data is being stored or altered.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation advertises add, remove, export, and config-changing operations without warning about side effects, persistence, or potential data loss. In an agent setting, undocumented write/delete/export capabilities are dangerous because they can be invoked without the user realizing local files will be modified or data will be copied out.

Missing User Warnings

Medium
Confidence: 86%
Finding
The remove command deletes a selected line from persistent storage immediately, with no confirmation, dry-run, or recovery option. While this is primarily a safety and integrity issue rather than code execution, it can still cause accidental data loss, especially because the tool stores data persistently under the user's home directory.

Missing User Warnings

Low
Confidence: 83%
Finding
The export command creates or overwrites files in the current working directory without explicit warning or requiring user acknowledgement. This can lead to accidental clobbering of existing files or unintended data exposure, especially when users assume the command is read-only or tied only to inverter status inspection.

VirusTotal

66/66 vendors flagged this skill as clean.
