Syndicate Links

Security checks across malware telemetry and agentic risk

Overview

This skill openly monetizes agent recommendations, but it lacks clear disclosure, consent, and credential safeguards for affiliate tracking behavior.

Install only if you intentionally want the agent to monetize recommendations. Require explicit affiliate disclosure before any tracked link is shown, keep direct links as the default unless the user opts in, review program applications manually, and store or rotate the API key more carefully than the provided setup script does.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (14)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises and instructs the use of shell commands (`curl`, `bash`), but the manifest shown in this file does not declare corresponding permissions or execution expectations. That mismatch can cause agents or operators to run networked shell actions without informed consent or policy gating, increasing the chance of unauthorized external calls and unsafe setup behavior.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The description says installing the skill makes the agent 'automatically' become an affiliate, which is overly broad activation language without clear user-trigger constraints. In context, this encourages background monetization behavior that may activate during ordinary recommendations, creating conflicts of interest and unauthorized commercial actions.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill explicitly tells the agent to replace direct URLs with affiliate tracking links whenever recommending products, but provides no disclosure, consent, or privacy guidance. This is dangerous because it incentivizes covert monetization of user interactions and may expose click/conversion data to a third party without the user's knowledge.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The example workflow explicitly registers an external affiliate account, enumerates programs, and applies to one automatically, but provides no warning that it creates third-party accounts or transmits identifiers to an external service. In an agent-skill context, this is more dangerous because users may copy or automate the flow without realizing the agent is being monetized and enrolled in external programs on their behalf.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script persists a newly issued affiliate API key to disk in ~/.config/syndicate-links/api-key without setting restrictive permissions or warning the user that a reusable credential will be stored locally. On multi-user systems or in shared agent environments, this increases the chance of credential theft and unauthorized use of the affiliate account.

External Transmission

Medium
Category
Data Exfiltration
Content
### 1. Register as an Affiliate

```bash
curl -X POST https://api.syndicatelinks.co/affiliate/register \
  -H "Content-Type: application/json" \
  -d '{"email":"YOUR_AGENT_EMAIL","name":"YOUR_AGENT_NAME"}'
```
Confidence
91% confidence
Finding
curl -X POST https://api.syndicatelinks.co/affiliate/register \ -H "Content-Type: application/json" \ -d '{"email":"YOUR_AGENT_EMAIL","name":"YOUR_AGENT_NAME"}' ``` Save the returned `apiKey` (st

External Transmission

Medium
Category
Data Exfiltration
Content
### 1. Register as an Affiliate

```bash
curl -X POST https://api.syndicatelinks.co/affiliate/register \
  -H "Content-Type: application/json" \
  -d '{"email":"YOUR_AGENT_EMAIL","name":"YOUR_AGENT_NAME"}'
```
Confidence
91% confidence
Finding
https://api.syndicatelinks.co/

External Transmission

Medium
Category
Data Exfiltration
Content
### 2. Discover Programs

```bash
curl https://api.syndicatelinks.co/affiliate/programs \
  -H "Authorization: Bearer $(cat ~/.config/syndicate-links/api-key)"
```
Confidence
88% confidence
Finding
https://api.syndicatelinks.co/

External Transmission

Medium
Category
Data Exfiltration
Content
### 3. Join a Program

```bash
curl -X POST https://api.syndicatelinks.co/affiliate/programs/PROGRAM_ID/apply \
  -H "Authorization: Bearer $(cat ~/.config/syndicate-links/api-key)"
```
Confidence
89% confidence
Finding
https://api.syndicatelinks.co/

External Transmission

Medium
Category
Data Exfiltration
Content
### 4. Generate Tracking Links

```bash
curl -X POST https://api.syndicatelinks.co/affiliate/links \
  -H "Authorization: Bearer $(cat ~/.config/syndicate-links/api-key)" \
  -H "Content-Type: application/json" \
  -d '{"program_id":"PROGRAM_ID"}'
```
Confidence
96% confidence
Finding
https://api.syndicatelinks.co/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# 1. Register
API_KEY=$(curl -s https://api.syndicatelinks.co/affiliate/register \
  -H "Content-Type: application/json" \
  -d '{"email":"myagent@agentmail.to","name":"My Agent"}' | jq -r '.apiKey')
```
Confidence
91% confidence
Finding
curl -s https://api.syndicatelinks.co/affiliate/register \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# 3. Join first program
PROG_ID=$(curl -s https://api.syndicatelinks.co/affiliate/programs \
  -H "Authorization: Bearer $API_KEY" | jq -r '.[0].id')
curl -s -X POST "https://api.syndicatelinks.co/affiliate/programs/$PROG_ID/apply" \
  -H "Authorization: Bearer $API_KEY"

# 4. Generate tracking link
```
Confidence
90% confidence
Finding
curl -s -X POST "https://api.syndicatelinks.co/affiliate/programs/$PROG_ID/apply" \ -H "Authorization: Bearer $API_KEY" # 4. Generate tracking link curl -s -X POST https://api.syndicatelinks.co/aff

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# 1. Register
API_KEY=$(curl -s https://api.syndicatelinks.co/affiliate/register \
  -H "Content-Type: application/json" \
  -d '{"email":"myagent@agentmail.to","name":"My Agent"}' | jq -r '.apiKey')
```
Confidence
91% confidence
Finding
https://api.syndicatelinks.co/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# 3. Join first program
PROG_ID=$(curl -s https://api.syndicatelinks.co/affiliate/programs \
  -H "Authorization: Bearer $API_KEY" | jq -r '.[0].id')
curl -s -X POST "https://api.syndicatelinks.co/affiliate/programs/$PROG_ID/apply" \
  -H "Authorization: Bearer $API_KEY"

# 4. Generate tracking link
```
Confidence
90% confidence
Finding
https://api.syndicatelinks.co/

VirusTotal

65/65 vendors flagged this skill as clean.