ClawHub

Red Alert

Security checks across malware telemetry and agentic risk

Overview

The skill coherently monitors Israeli emergency alerts using disclosed APIs, with only local alert logging and optional API-key use to be aware of.

Install this if you need Israeli alert history or realtime monitoring. Set RED_ALERT_API_KEY only if you need authenticated realtime access, review the npm dependency before installing, and periodically delete or rotate /data/clawd/tmp/redalert-*.jsonl if you run the persistent listener.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documents shell commands and operational behavior but does not declare corresponding permissions. This creates a transparency and governance gap: an agent may invoke shell-based actions such as curl, node, npm install, and file writes without the expected permission metadata, making review and policy enforcement harder.

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
This listener persistently stores all received alert events to /data/clawd/tmp/redalert-live.jsonl even though the skill description emphasizes querying alerts and generating stats, not maintaining a continuous local event archive. Persistent collection increases data retention and exposure risk, especially because every upstream event is written verbatim and indefinitely unless external cleanup exists.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Incoming socket payloads are appended directly to a local JSONL file without any indication to users that data is being retained. Even if the alert feed is not highly sensitive, silent persistence creates privacy, compliance, and operational risk by accumulating potentially location- and time-correlated event data without transparency or retention controls.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal