Bearing

Security checks across malware telemetry and agentic risk

Overview

This is advertised as a bearing calculator, but the artifacts show a local entry tracker that stores, searches, deletes, configures, and exports user-provided data.

Install only if you want a simple local entry tracker, not a bearing calculator. Do not store sensitive engineering or project data unless you are comfortable with it being retained under ~/.bearing or a BEARING_DIR override, and be careful with the remove and export commands, because they can delete entries or duplicate stored data into local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 89%
Finding:
The skill is presented as a bearing selection and life calculator, but the documented behavior includes a general-purpose local datastore with add/list/search/remove/export/config operations. This expands the trust boundary and can mislead users into invoking persistent file-writing and data-export features they would not reasonably expect from the stated purpose, increasing the risk of unintended data exposure or modification.

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding:
The script’s implemented behavior materially differs from the declared skill purpose: instead of performing bearing selection or life calculations, it acts as a generic local data logger and configuration manager. This kind of capability mismatch is dangerous because users and agent frameworks may grant trust or invoke the skill under false pretenses, enabling unexpected data collection, persistence, and file manipulation in the user context.

Intent-Code Divergence

Severity: High
Confidence: 96%
Finding:
The inline header explicitly claims this is a bearing selection and life calculator, but the code contains no such logic and instead stores and manages arbitrary user-provided entries. Misleading documentation inside executable content increases the risk of deceptive deployment, causing reviewers or automated systems to misclassify the skill and overlook unexpected data-handling behavior.

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding:
The user-facing help presents the tool as a bearing calculator while exposing commands for adding, listing, searching, removing, exporting, and configuring stored data. In a skill ecosystem, deceptive help text can mislead users into running a tool they believe is domain-specific when it actually provides generalized persistence and export capabilities, increasing the chance of unintended data exposure or misuse.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding:
The documentation advertises commands that add, remove, export, and reconfigure persistent data without any warning that these operations modify files under ~/.bearing/ or may delete existing entries. Even if limited to a user-local directory, undocumented state-changing behavior can cause accidental data loss, unintended retention, or exporting sensitive engineering/project data to files.

VirusTotal

65/65 vendors flagged this skill as clean.