Clinkding - Linkding Bookmark Integration

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Linkding bookmark manager, with expected powers to access and change bookmark data.

Install only if you trust the clinkding CLI source and your Linkding instance. Protect the API token, review update/delete/upload/download actions before approving them, and avoid automatic summarization for private, internal, or token-bearing URLs unless you are comfortable sharing that URL with the summarization tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding: The skill extends beyond bookmark management by directing the agent to use an external summarization capability on user-provided URLs. This increases the data-sharing surface and can cause private or sensitive URLs to be transmitted to another tool or service without the user's explicit consent or a clear trust boundary.

Missing User Warnings

Medium
Confidence: 87%
Finding: The skill documents permanent deletion of bookmarks and assets without advising confirmation, preview, or user verification. In an agent context, that omission can lead to accidental destructive actions, especially when commands are composed from ambiguous user requests or parsed output.

Missing User Warnings

Medium
Confidence: 93%
Finding: The workflow instructs the agent to pass user-supplied URLs to the external summarize skill without warning that the URL may contain sensitive query parameters, private hosts, tokens, or internal resources. This can expose user data or internal endpoints to another processing component beyond the bookmark manager's expected scope.

VirusTotal

65/65 vendors flagged this skill as clean.
