ClawHub

incident-postmortem

Security checks across malware telemetry and agentic risk

Overview

This skill is a local incident postmortem generator that reads user-provided incident files and writes reports, with no evidence of hidden network access, credentials use, persistence, or destructive behavior.

Install this only if you want a local postmortem-reporting helper. Provide only the log files, incident JSON, and output paths you intend it to process, and review generated reports before sharing because they may include sensitive incident details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation instructs the agent to read local log files, load JSON inputs, and write reports to arbitrary output paths, which are effective file-read and file-write capabilities despite no declared permissions. This mismatch weakens policy enforcement and user visibility into what the skill can access; while the mention of "network" is not strongly evidenced in the file itself, the undeclared local I/O capability is real and can expose sensitive incident data if the skill is invoked in the wrong context.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger list includes broad, common phrases such as "incident report," "RCA," and "incident review," which can cause the skill to activate for unrelated enterprise, legal, or security workflows. Because this skill processes logs and incident artifacts, accidental invocation increases the chance that sensitive operational data is ingested or written out when the user did not intend to use this capability.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal