ClawHub

Mileage

Security checks across malware telemetry and agentic risk

Overview

This is a local logging script with confusing mileage versus home-tool wording, but it does not show hidden network access, credential use, destructive behavior, or privileged execution.

Install only if you want a simple local logbook rather than a full mileage/fuel-economy tracker. Avoid entering sensitive locations, schedules, costs, or personal notes unless you are comfortable storing them in ~/.local/share/mileage and exporting them into local report files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The command surface and help text describe a broad 'home toolkit' with commands like inventory, checklist, tips, and maintain, which materially contradicts the declared mileage-tracking purpose. In an agent skill ecosystem, this kind of scope mismatch is dangerous because users or orchestrators may grant the skill access and trust appropriate for mileage logging while it actually solicits and stores unrelated personal data.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The core implementations persist arbitrary user input across unrelated categories without any mileage-specific validation or structure. That makes the skill effectively a generic note-taking datastore masquerading as a mileage tool, increasing the risk of unintentional collection of sensitive household or personal information under false expectations.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The inline banner explicitly labels the script as a 'home tool/home toolkit,' reinforcing that the implementation was repurposed or mislabeled relative to the manifest. While this comment alone is not exploitable code, in context it is a strong indicator of deceptive or careless packaging that can mislead review, deployment, and user consent decisions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal