Security audit

Meridian

Security checks across malware telemetry and agentic risk

Overview

Meridian is a market-intelligence skill that asks the agent to search public sources and save sourced reports, with some operational cautions but no evidence of hidden, destructive, or credential-seeking behavior.

Install this if you want an agent to research recent AI market activity and produce saved, sourced reports. Treat all search terms as potentially sent to public services, avoid confidential internal names or sensitive strategy, and review the generated intel/ output path before allowing overwrites.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium, 91% confidence

Finding: The skill includes executable shell pipelines using curl and python3 to query external services, which expands the capability from simple report generation into code execution and network activity. Even if shown as examples, embedding these commands in the operating instructions can cause an agent to perform unnecessary shell actions, increasing the risk of misuse, environment interaction, and unintended data handling.

Description-Behavior Mismatch

Medium, 89% confidence

Finding: The manifest frames the skill as producing intelligence narratives, but the instructions additionally require reading template files and writing reports to disk. This creates a mismatch between declared purpose and actual behavior, which can surprise users and enable unintended file system modification beyond what is necessary to answer a query.

Missing User Warnings

Medium, 95% confidence

Finding: The skill directs writing output files under intel/ without notifying the user or obtaining consent. Silent file creation or overwrite is risky because it can alter the local workspace, destroy existing content, or create artifacts the user did not intend to persist.

VirusTotal

No VirusTotal findings

Static analysis

No suspicious patterns detected.