ClawHub

Mindmap

Security checks across malware telemetry and agentic risk

Overview

This package is presented as a mind-map visualizer, but the included script is actually a persistent plaintext note/log manager.

Install only if you want a simple local plaintext logging tool, not a mind-map visualizer. Do not store secrets or sensitive brainstorming content unless you are comfortable with it remaining in data.log and history.log, and do not rely on the remove command to actually delete stored entries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
The skill’s manifest and branding claim terminal mind-map creation and visualization, but the documented behavior is actually a generic persistent local logging utility with add/list/search/remove/export capabilities and audit history. This kind of capability mismatch is dangerous because agents or users may invoke the skill under false assumptions, leading to unintended persistent data creation, retention, and disclosure of local information.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The manifest says the skill creates and visualizes mind maps, but the body describes a general-purpose local record manager. This inconsistency can mislead automated systems into granting or invoking the skill in brainstorming contexts while it actually performs filesystem-backed storage operations, increasing the risk of unauthorized persistence or data exposure.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The documented functionality is materially different from the advertised skill purpose: it stores entries locally, keeps command history, and supports export/search/remove operations rather than mind-map visualization. In agent environments, this discrepancy undermines trust boundaries and can cause the tool to be selected for benign brainstorming tasks while actually creating durable local state and exposing accumulated data.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The implementation materially diverges from the declared skill purpose: instead of creating or visualizing mind maps, it behaves like a generic local logging utility with add/list/search/export behavior. This is dangerous because capability mismatch undermines user trust, can cause the agent to invoke a tool under false pretenses, and expands the chance of unintended data collection or exposure through logging and export features unrelated to the advertised function.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The script’s own comments and help output explicitly describe a 'Multi-purpose utility tool,' which contradicts the published identity of a mind-map skill. Such inconsistency is a security concern because deceptive or misleading documentation can hide actual behavior from reviewers and users, making misuse, overbroad invocation, and unnoticed data persistence more likely in an agent environment.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The markdown does not prominently warn that commands create and modify persistent local data and maintain an audit history. In a skill advertised for brainstorming and mind mapping, omission of this disclosure increases the chance that sensitive thoughts, notes, or operational details are stored on disk and later exposed through search/export or local compromise.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal