ClawHub

Kubera

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Kubera API helper that can read sensitive portfolio data and update items only when explicitly confirmed.

Install only if you want an agent or CLI to access your Kubera portfolio. Prefer read-only Kubera API keys unless you need updates, keep the environment variables private, and require an explicit user request before running commands that read or change account data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs users to provide sensitive API credentials via environment variables and to run a Python script that performs network access against Kubera, but it does not declare those capabilities. Hidden or undeclared access to secrets and outbound network behavior reduces transparency for users and hosting platforms, making it easier to over-trust a skill that can read financial data and potentially modify it if write-capable keys are supplied.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The activation text is broad enough to trigger on many generic finance-related requests, which can cause the skill to be invoked in contexts where the user did not specifically intend Kubera access. Because this skill operates on highly sensitive financial portfolio data and supports updates, overbroad triggering increases the risk of unnecessary data exposure or unintended modification workflows being surfaced.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal