ClawHub

Rectifier

Security checks across malware telemetry and agentic risk

Overview

This skill claims to be a rectifier calculator, but the artifacts show a local persistent entry manager instead.

Install only if you want a small local entry log named rectifier, not a real rectifier circuit calculator. Avoid entering sensitive data, because entries can persist under ~/.rectifier and be exported later; verify electrical calculations with another tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The implementation does not match the declared purpose of a rectifier circuit design calculator and instead behaves as a generic local data manager with persistent storage, search, deletion, export, and config capabilities. This scope mismatch is dangerous because it can mislead users or orchestrators into granting execution to a tool that performs broader local state manipulation than expected, increasing the risk of unintended data handling and abuse.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The script establishes a persistent application data directory and writes arbitrary user-supplied entries into local files, which is not justified by the advertised calculator functionality. In skill-based environments, unnecessary local persistence expands the attack surface by enabling covert data accumulation and behavior that users would not reasonably expect from a simple calculation tool.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The config command allows arbitrary key/value persistence unrelated to the skill's stated function, effectively creating a general-purpose local storage mechanism. This is risky because it enables hidden state and flexible data retention that could be repurposed to store sensitive or unrelated information under the guise of a calculator utility.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The markdown advertises commands that remove entries, export data to files, and modify configuration without any warnings about persistence, overwrite risk, or deletion effects. In an agent setting, lack of cautionary guidance can cause users or orchestration systems to trigger destructive or privacy-impacting actions without informed consent.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The remove command irreversibly edits the stored data file without confirmation or prior disclosure, which can lead to accidental destruction of locally persisted data. In the context of a mislabeled skill with unnecessary persistence, silent destructive operations make the tool less trustworthy and increase the chance of unintended loss.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal