Tmp.ZYr9sBY5Dv

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned for HoneyBook portal work, but it handles magic-link authentication and persists session data without strong enough user-facing warnings or cleanup guidance.

Review before installing. Only use this with intentional HoneyBook portal tasks, treat HoneyBook magic links like passwords, avoid using it on shared machines, and inspect or remove ~/.honeybook-mcp/sessions.json after use if you do not want authenticated sessions retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium (88% confidence)
Finding
The trigger description is broad enough to auto-invoke the skill for many HoneyBook-related requests without clearly signaling that the skill can capture authenticated sessions from magic-link URLs. In this context, overbroad activation increases the chance of unnecessary handling of sensitive contract, invoice, and payment flows, which can lead to unintended exposure or use of authenticated portal data.

Missing User Warnings

High (95% confidence)
Finding
The skill description advertises "magic-link session capture" but does not clearly warn that using the tool creates an authenticated session based on a one-click login URL. Because magic links often grant account access, failing to disclose session capture behavior can mislead users into sharing highly sensitive authentication material without understanding the security implications.

Missing User Warnings

High (97% confidence)
Finding
The notes mention that sessions are cached in ~/.honeybook-mcp/sessions.json, but the documentation does not present this as a clear security warning or explain the sensitivity of the stored data. Local persistence of authenticated session material creates account-access risk if the host is shared, backed up insecurely, compromised, or if users do not realize they must clear the cache after use.

VirusTotal

62/62 vendors flagged this skill as clean.
