ClawHub

Perftest

Security checks across malware telemetry and agentic risk

Overview

This is a small HTTP benchmarking helper with disclosed user-run commands, but users should be careful with target URLs and report file paths.

Install only if you are comfortable running a shell-based benchmarking helper. Use it only against services you own or are authorized to test, and pass report/compare only files you intend the agent to read. The maintainer should quote shell arguments, restrict report files to generated benchmark output, and document network/load expectations more clearly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill advertises HTTP benchmarking, but the `report` and `compare` commands read arbitrary local files with `cat` and `head` on user-supplied paths. In an agent/tooling context, this creates an unintended file-read capability that could expose sensitive local data unrelated to performance testing.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
Arbitrary file reading is not justified by the skill's stated purpose of benchmarking web services, so it expands the tool's effective privileges beyond user expectations. Even though the commands only display file contents, that is sufficient to leak secrets from configuration files, SSH material, tokens, or other sensitive local artifacts if an agent is induced to invoke them.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation explains local data storage but omits any warning that latency, throughput, http, and especially stress testing commands will send network traffic to user-supplied destinations. In context, this is dangerous because the skill is specifically built to benchmark and stress web services, so misuse or accidental use could target internal services, third-party systems, or generate unwanted load without informed user consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal