ModelReady

Security checks across malware telemetry and agentic risk

Overview

ModelReady appears intended to run a local model server, but it can expose that server on the network by default and keep it running in the background without clear warnings.

Review before installing. Use it only if you intend to run a vLLM HTTP API server, prefer host=127.0.0.1 instead of the default all-interface bind, avoid extra= unless you understand vLLM flags, ensure your firewall is appropriate, and stop the server when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill metadata advertises access to shell, network, and environment-driven behavior (`bash`, `curl`, and `URL`) but does not declare corresponding permissions in a clear, user-reviewable way. That mismatch can cause users or the platform to underestimate the skill's actual execution capabilities, increasing the risk of unexpected command execution, network access, or data exposure.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The documentation encourages users to start an OpenAI-compatible model server and interact with it over a port, but it does not warn about binding scope, network reachability, authentication, resource consumption, or exposing an inference endpoint to other local or remote users. In this context, the skill is specifically about launching a service, so omission of these safeguards makes accidental exposure and denial-of-service conditions more likely.

VirusTotal

63/63 vendors flagged this skill as clean.
