ClawHub

ManyChat CLI

Security checks across malware telemetry and agentic risk

Overview

This looks like a real ManyChat automation tool, but it gives an agent broad live access to customer records and messaging without enough safeguards.

Install only if you trust the publisher and intend to let an agent operate a live ManyChat account. Use the narrowest API key available, avoid raw and playbook actions unless reviewed, require explicit approval before changing subscriber data or sending flows, and treat subscriber output and logs as sensitive personal data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises concrete capabilities that access environment variables, local files, and the network, but it does not declare any permissions or constraints. In an agent setting, this creates a trust gap: the agent or operator may invoke the skill without understanding that it can read secrets like MANYCHAT_API_KEY and perform external API actions against subscriber data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly supports subscriber lookup, profile reads, tag management, field updates, and sends using an API key, yet it provides no privacy notice, consent guidance, or warning about handling personal data. This is dangerous because an agent could retrieve or modify customer records and messaging state without the operator being clearly informed of the sensitivity and compliance implications.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal