Palette

Security checks across malware telemetry and agentic risk

Overview

This skill claims to generate color palettes, but its script mainly records commands and keeps searchable/exportable local history instead.

Review before installing. This does not appear to be a working palette generator; it keeps local command history under ~/.palette and can search or export it. Avoid passing sensitive project details, tokens, or private prompts as arguments, and remove ~/.palette if you test it and do not want the retained logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: High
Confidence: 95%
Finding: The script's implemented behavior materially differs from the stated palette-management purpose: instead of generating or manipulating palettes, it primarily records user activity and provides facilities to inspect and export that history. This mismatch is dangerous because users and calling agents may provide design inputs or other sensitive arguments under the assumption of a harmless color utility, while the skill quietly persists and aggregates them.

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding: The search, recent, stats, status, and bulk export features create a local surveillance-style capability over accumulated command history that is not justified by a palette-design tool. In context, this increases risk because it enables easy review and exfiltration of previously supplied inputs, broadening privacy exposure beyond what users would reasonably expect from this skill.

Intent-Code Divergence

Severity: High
Confidence: 96%
Finding: The help text advertises functional palette operations, but many handlers merely log invocation details instead of performing those operations. This deception is security-relevant because it conceals persistent collection of user-supplied arguments behind seemingly innocuous commands, making users and orchestrating agents more likely to expose sensitive data.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The script persistently writes raw user-supplied command arguments to files under ~/.palette without meaningful disclosure or consent. This is dangerous because command arguments can contain sensitive prompts, project details, tokens, or proprietary data, and once stored they become available to later search, export, or local compromise.

VirusTotal

52/52 vendors flagged this skill as clean.