Cargo Analytics

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a transparent Cargo analytics/export guide, but it also includes an under-warned command that can re-run workflow records and trigger real workspace side effects.

Install only for users who are authorized to access and export Cargo workspace data. Treat downloaded files and signed URLs as sensitive, scope exports with workflow/date/status/model filters, and require explicit approval before using the documented failed-record re-run command because it can execute workflows and create side effects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill is scoped as analytics/download/export, but it documents `cargo-ai orchestration batch create` to re-run failed records, which is a state-changing operational action. That scope expansion can cause an agent or user to perform unintended workflow executions, consuming credits, triggering external side effects, or mutating production state when they expected read-only analytics behavior.

Missing User Warnings

Medium
Confidence: 86%
Finding
The skill documents result download and export flows, including `run download-outputs`, which returns signed URLs to result files, without prominently warning that these commands can retrieve potentially sensitive workspace data. In an agent context, this omission increases the risk of over-broad data exfiltration, accidental sharing of signed URLs, or unsafe handling of exported records under the guise of routine analytics.

Missing User Warnings

Medium
Confidence: 89%
Finding
The examples explicitly demonstrate bulk export of segment data, including records filtered on an email field, but provide no guidance on authorization checks, least-privilege usage, minimization, or handling of potentially sensitive personal data after export. In a skill whose purpose is downloading analytics and export data, this materially increases the risk of over-collection and privacy misuse by normalizing unrestricted extraction of user data.

Missing User Warnings

Low
Confidence: 87%
Finding
The example instructs users to download error runs for inspection without any warning that the downloaded artifacts may contain sensitive workflow inputs, outputs, logs, or personal data. In an analytics/debugging context, users may casually export production error data to local machines or insecure locations, increasing the risk of unintended disclosure and poor data handling.

VirusTotal

VirusTotal findings are pending for this skill version.
