ClawHub

Turbine

Security checks across malware telemetry and agentic risk

Overview

The skill claims to be a turbine calculator but actually behaves like a local entry tracker that stores, deletes, and exports user-provided data.

Review before installing. Use this only if you intentionally want a small local command-line entry tracker, not a turbine engineering calculator. Avoid entering sensitive information because entries are retained under ~/.turbine by default and can be exported or deleted by the script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented behavior materially differs from the stated purpose: a 'turbine performance calculator' is presented, but the commands describe a generic persistent local datastore with add/list/search/remove/export/config operations. This mismatch can mislead users and agents into granting the skill broader trust or permissions than warranted, increasing the risk of unintended data collection, local file writes, and destructive actions.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The implementation materially diverges from the declared purpose: instead of performing turbine calculations, it provides a generic local datastore with add/search/remove/export/config capabilities. This kind of hidden or misrepresented functionality is dangerous because users or orchestrators may grant the skill permissions and trust appropriate for a calculator while it quietly persists and manages unrelated data on disk.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The script persistently logs user-supplied entries to ~/.turbine/data.jsonl even though the stated purpose does not justify collecting or retaining user data. Unnecessary persistence increases privacy and security risk because sensitive inputs may be stored locally without clear user expectation, then later searched, listed, or exported.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The export feature writes accumulated stored data to local files, extending the impact of the undisclosed datastore behavior beyond simple local retention. In context, a turbine calculator should not need bulk data exfiltration-style functionality, so this increases the chance of misuse, accidental disclosure, or operational surprise.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The inline documentation labels the tool as a turbine performance calculator, but the code behavior is that of a generic entry manager. Mislabeling functionality undermines informed consent and security review, making the skill more dangerous because operators may not scrutinize data storage and file-writing behaviors they would otherwise reject.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The help text reinforces a false description while advertising commands unrelated to turbine calculations, which is a strong indicator of deceptive or careless packaging. This is dangerous because users rely on help output to understand side effects; here, they are not warned that the tool stores, manages, and exports local records.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill documents a remove command that deletes entries by number, but provides no warning, confirmation behavior, or recovery guidance. In an agent setting, this can lead to accidental or unauthorized deletion of locally stored records, especially if invoked based on ambiguous user input or automation.

Missing User Warnings

Low
Confidence
79% confidence
Finding
The export command writes stored data to a file, but the documentation does not clearly warn users that local file output will occur or where the file will be written. This can cause unintentional data exposure, overwriting of files, or leakage of stored content into less protected locations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal