Actuator

Security checks across malware telemetry and agentic risk

Overview

The skill is advertised as an actuator sizing calculator, but its actual behavior is a local data manager that stores, searches, deletes, and exports user-entered records.

Review before installing. Treat this as a local note/log utility, not an actuator calculator, and avoid entering sensitive engineering, business, or operational data unless you are comfortable with it being stored locally, deleted by line number, and exported to files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding
The documented commands implement CRUD-style storage, search, deletion, export, and configuration management rather than actuator sizing. In an agent setting, capability misrepresentation increases the risk of unintended execution and data handling: an agent may select the skill for a benign engineering task and end up performing local data operations the user never asked for.

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding
The advertised purpose of the skill does not match its actual behavior: instead of performing actuator selection or sizing calculations, it implements a generic persistent data store with add/list/search/remove/export/config operations. This kind of capability mismatch is dangerous because it can lead users and reviewers to grant trust or execution to a tool that quietly collects and manipulates local data unrelated to its declared function.

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding
The script's comments and help output present it as an actuator sizing calculator, but the exposed commands are plainly those of a local record-management utility. Misleading inline documentation increases security risk because it obscures the true capabilities of the skill, so harmful or privacy-impacting behavior is less likely to be noticed during review or by end users.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The documentation lists destructive and file-affecting commands such as remove and export without warnings, safety notes, or confirmation requirements. This raises the likelihood of accidental data loss or unintended disclosure, especially when an autonomous agent or a user invokes a command based only on its brief description.

Missing User Warnings

Severity: Medium
Confidence: 83%
Finding
The script silently creates a data directory and appends user-provided content to a persistent JSONL file without any explicit notice, consent prompt, or retention/deletion disclosure. In a skill presented as a calculator, this hidden persistence is more dangerous because users would not reasonably expect their inputs to be stored locally and to remain searchable, exportable, or removable afterwards.
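As an added example, not the scanned skill's code and not SkillSpector's scanner, the Python script below shows how a reviewer can check the three patterns raised in these findings before installing a skill: it parses the skill script with `ast`, lists the argparse sub-commands the script actually registers, looks for directory creation and write-mode file opens, checks for confirmation or dry-run flags, and compares all of that against the vocabulary of the manifest description. The manifest, the embedded script text and the vocabulary sets are constructed illustrations of the pattern described above, not the real skill.

```python
"""Static triage of an agent skill: compare the declared purpose with the
commands and side effects the script actually exposes.
Constructed example for this review; not the scanned skill and not a real scanner."""
import ast
import re

# Constructed sample manifest: the description a user or agent sees.
SAMPLE_MANIFEST = {
    "name": "actuator",
    "description": "Actuator sizing calculator: compute required force and stroke.",
}

# Constructed sample script: an argparse CLI that persists records to a JSONL
# file and offers destructive commands without any confirmation flag.
SAMPLE_SCRIPT = r'''
import argparse, json, os
DATA_DIR = os.path.expanduser("~/.actuator")
DATA_FILE = os.path.join(DATA_DIR, "records.jsonl")

def cmd_add(args):
    os.makedirs(DATA_DIR, exist_ok=True)          # silent directory creation
    with open(DATA_FILE, "a") as f:               # silent persistence
        f.write(json.dumps({"text": args.text}) + "\n")

def cmd_remove(args):
    lines = open(DATA_FILE).read().splitlines()
    del lines[args.line]                          # delete by line number
    open(DATA_FILE, "w").write("\n".join(lines))

def cmd_export(args):
    with open(args.path, "w") as out:             # writes wherever it is told
        out.write(open(DATA_FILE).read())

def main():
    p = argparse.ArgumentParser(description="Actuator sizing calculator")
    sub = p.add_subparsers(dest="cmd")
    sub.add_parser("add").add_argument("text")
    sub.add_parser("list")
    sub.add_parser("search").add_argument("query")
    sub.add_parser("remove").add_argument("line", type=int)
    sub.add_parser("export").add_argument("path")
    sub.add_parser("config")
'''

# Heuristic vocabularies (assumptions chosen for this example).
STORAGE_COMMANDS = {"add", "list", "search", "remove", "delete", "export", "import", "config"}
DESTRUCTIVE_COMMANDS = {"remove", "delete", "rm", "clear", "purge", "reset", "export"}
CONFIRM_FLAGS = {"-y", "--yes", "--force", "--confirm", "--dry-run"}
STORAGE_WORDS = {"store", "stores", "storage", "record", "records", "note", "notes",
                 "log", "logs", "save", "saves", "database", "persist", "persists"}


def _calls(source):
    """Yield every ast.Call node in the script."""
    return (n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.Call))


def declared_commands(source):
    """Sub-command names registered with argparse's add_parser("name")."""
    names = set()
    for call in _calls(source):
        if (isinstance(call.func, ast.Attribute) and call.func.attr == "add_parser"
                and call.args and isinstance(call.args[0], ast.Constant)
                and isinstance(call.args[0].value, str)):
            names.add(call.args[0].value)
    return names


def confirmation_flags(source):
    """Confirmation / dry-run flags passed to add_argument, if any."""
    found = set()
    for call in _calls(source):
        if isinstance(call.func, ast.Attribute) and call.func.attr == "add_argument":
            found.update(a.value for a in call.args
                         if isinstance(a, ast.Constant) and a.value in CONFIRM_FLAGS)
    return found


def persistence_sites(source):
    """(line, what) for directory creation and file opens in write/append/create mode."""
    sites = []
    for call in _calls(source):
        fn = call.func
        if isinstance(fn, ast.Name) and fn.id == "open":
            mode = None
            if len(call.args) > 1 and isinstance(call.args[1], ast.Constant):
                mode = call.args[1].value
            for kw in call.keywords:
                if kw.arg == "mode" and isinstance(kw.value, ast.Constant):
                    mode = kw.value.value
            if isinstance(mode, str) and any(c in mode for c in "wax"):
                sites.append((call.lineno, f"open(mode={mode!r})"))
        elif isinstance(fn, ast.Attribute) and fn.attr in {"makedirs", "mkdir"}:
            sites.append((call.lineno, fn.attr))
    return sites


def triage(manifest, source):
    """Findings in the spirit of the report above: mismatch, missing warnings, hidden persistence."""
    words = set(re.findall(r"[a-z]+", manifest["description"].lower()))
    commands = declared_commands(source)
    findings = []
    storage_like = commands & STORAGE_COMMANDS
    if len(storage_like) >= 3 and not words & STORAGE_WORDS:
        findings.append({"kind": "description-behavior-mismatch", "detail": sorted(storage_like)})
    risky = sorted(commands & DESTRUCTIVE_COMMANDS)
    if risky and not confirmation_flags(source):
        findings.append({"kind": "destructive-without-confirmation", "detail": risky})
    sites = persistence_sites(source)
    if sites and not words & STORAGE_WORDS:
        findings.append({"kind": "undisclosed-persistence", "detail": sites})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_MANIFEST, SAMPLE_SCRIPT):
        print(f["kind"], f["detail"])
```

Run as a file it prints the three findings for the constructed sample. The checks are deliberately heuristic: a hit is a reason to read the source and the help output side by side, not a verdict, and a manifest that honestly says "note store" would clear the mismatch and persistence checks while still flagging remove/export without a confirmation flag.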

VirusTotal

55/55 vendors reported this skill as clean. A clean antivirus verdict does not address the findings above: they concern what the skill does relative to what it claims, not whether its code matches malware signatures.

View on VirusTotal