SSH MCP

Security checks across malware telemetry and agentic risk

Overview

This SSH administration skill is openly about remote server control, but it gives agents high-impact single-server and fleet-wide command patterns without clear approval or rollout safeguards.

Install only if you intend to let the agent administer SSH-accessible machines. Before using it, set your own rule that upgrades, restarts, file changes, key changes, and bulk commands require explicit approval with target hosts, exact commands, expected impact, and rollback or verification steps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The skill provides concrete examples for running privileged remote administration commands such as system updates and upgrades without any instruction to confirm user intent, assess maintenance impact, or require explicit approval before execution. In an agentic context with direct SSH execution capability, this omission is dangerous because the model may autonomously perform disruptive changes on production systems, causing outages or unintended package changes.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The bulk execution examples demonstrate fleet-wide service restarts and command execution across multiple servers without warnings about blast radius, sequencing, environment targeting, or approval gates. Because this skill is specifically designed for concurrent SSH operations across fleets, the missing safeguards materially increase the chance of widespread service disruption from a mistaken, ambiguous, or unsafe prompt.

VirusTotal

64/64 vendors flagged this skill as clean.