Ip Advisor

Security checks across malware telemetry and agentic risk

Overview

This IP helper appears legitimate, but two optional commands can reveal network details, including one that contacts Amazon's public IP lookup service.

Reasonable to install for IP and subnet tasks. Avoid running `local` if you do not want interface details exposed in the agent session, and avoid running `public` unless you are comfortable contacting checkip.amazonaws.com and revealing your public IP to that service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill exposes shell-backed functionality but declares no permissions, which prevents users or a platform from understanding that host-level commands may be executed. In this case, the commands include local interface inspection and external network access, so the missing permission declaration weakens transparency and consent around potentially sensitive operations.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill description presents itself as an IP/subnet planning tool, but it also enumerates local network information and makes an outbound request to checkip.amazonaws.com to discover the public IP. That mismatch is dangerous because users may invoke the skill expecting offline calculation only, while it can access host network details and disclose environment metadata to an external service.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The `public` command performs an external request to `checkip.amazonaws.com`, which goes beyond the stated purpose of subnet/CIDR planning. This leaks that the skill is being used, exposes the user's public IP and metadata to a third party, and introduces unnecessary outbound network behavior not disclosed by the manifest.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The `local` command enumerates host network interface configuration using `ip -br addr` or `ifconfig`, which accesses environment-specific system information unrelated to basic IP/subnet calculation. In an agent skill, this can reveal internal network layout and interface details that are sensitive and not justified by the advertised functionality.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The code makes an outbound network call to a third-party service to determine the public IP, which is not necessary for subnet calculation or CIDR notation assistance. This creates data exposure to an external service, can bypass user expectations about offline/local processing, and increases the attack surface through undisclosed network communication.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill silently contacts an external service without user-facing disclosure in the help output or stated description. Even if the request is user-triggered via `public`, the lack of transparency is dangerous because users may assume the tool only performs local IP calculations and does not transmit network-identifying information off host.

VirusTotal

63/63 vendors flagged this skill as clean.
