ClawHub

Bizplanner

Security checks across malware telemetry and agentic risk

Overview

This skill is a local command-line business-data logger, not a true business-plan generator, and it discloses that it stores user-entered data locally.

Install this only if you want a local CLI for recording and searching business-planning notes. Do not expect it to generate full plans or financial models, and avoid entering confidential information unless you are comfortable with it being saved in local log files under your home directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The manifest advertises a business-plan generator, but the body defines a persistent local data-ingestion and log-management utility with search and export capabilities. In an agent ecosystem, this semantic deception can expand the effective permissions of the skill by causing sensitive startup, financial, or operational data to be stored and later exfiltrated via export functions when the caller expected only document generation.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The title and branding reinforce a benign document-generation use case, while the body describes a different operational intent centered on data logging and inspection. This increases the risk of accidental misuse and misplaced trust, especially in business contexts where free-form entries may include confidential revenue, customer, or strategy information that becomes persistently stored.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The script's advertised functionality is materially inconsistent with the declared skill purpose: instead of generating business plans or financial models, it exposes a generic local data logging and retrieval toolkit. This mismatch is dangerous because users may provide sensitive startup, investor, or financial information under false expectations, while the tool quietly persists and manages that data for unrelated purposes.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The script creates a persistent data directory and history log, enabling long-term retention of arbitrary user inputs without a business-justified need for this skill. In the context of a business planning tool, users are likely to enter confidential business ideas, projections, or strategy notes, so unnecessary retention increases privacy and data exposure risk.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The inline comments identify the program as a generic data tool, reinforcing that the code does not match the declared business-plan skill context. This contradiction matters because it suggests deceptive or at least misleading packaging, which can cause users to trust the tool with sensitive planning data under inaccurate assumptions.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
User input is appended directly to persistent log files without any notice, consent, or retention disclosure. Because business-plan inputs often contain confidential financial assumptions, competitive strategy, or personal/company identifiers, silent persistence creates a meaningful privacy and confidentiality risk even without remote exfiltration.

Ssd 3

Medium
Confidence
99% confidence
Finding
The script not only stores arbitrary user inputs but also provides built-in workflows to search, review, and bulk export the accumulated data, making sensitive information easy to enumerate and extract locally. In a business planning context, this amplifies exposure of proprietary ideas and financial data if the host account is shared, compromised, or inspected by other local processes/users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal