Mteam Transmission 0.1

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it searches M-Team torrents and adds the user-selected item to a local Transmission downloader, but it needs careful credential and download-path handling.

Install only if you trust the M-Team account and local Transmission/NAS workflow. Move credentials out of source code, use a limited Transmission account, verify the NAS path mapping, and require the agent to show the selected title, size, and destination before every download.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tainted flow: 'download_url' from requests.post (line 128, network input) → requests.get (network output)

Medium
Category
Data Flow
Content
download_url = token_data.get('data')

        # 2. Actually download the torrent file and write it to a temp file (via the proxy)
        dl_resp = requests.get(
            download_url,
            headers=COMMON_HEADERS,
            proxies=PROXIES,
            timeout=15
        )
Confidence
94% confidence
Finding
dl_resp = requests.get( download_url, headers=COMMON_HEADERS, proxies=PROXIES, timeout=15 )

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README describes a skill that can automatically search for torrents and push the selected result into a local Transmission instance using configured credentials, but it does not warn users about the operational and security consequences of granting that access. In this context, the skill bridges an external content source and a privileged local downloader/NAS workflow, which increases the risk of unintended downloads, misuse of stored credentials, and filesystem impact if the skill behaves unexpectedly or is later modified.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill is explicitly designed to search for torrents and then send them to a local Transmission/NAS environment for download, which causes writes to the user's local infrastructure. Although it requires a user selection before downloading, the skill provides no safety notice, confirmation language about local side effects, or guardrails around what will be written and where, increasing the risk of unintended system changes and problematic content acquisition.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The function performs state-changing actions—downloading a file, writing it to `/tmp`, and adding it to Transmission—without any explicit confirmation, preview, or safety gate. In an agent skill context, this increases the chance of unintended downloads, storage abuse, or silently adding unwanted torrents based on ambiguous or manipulated inputs.
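The controls the overview recommends (credentials out of source, a confined NAS path, a title/size/destination preview before every download) and the gate the taint finding asks for (do not hand `token_data['data']` straight to `requests.get`) can be written as a small guard layer in front of the download step. The block below is an added example, not code from the Mteam Transmission skill; the API host in the allowlist, the environment variable names and the NAS root are assumptions, and the `add_torrent` callback stands in for the real Transmission RPC call.

```python
"""Added example: guard layer for a torrent-to-Transmission agent skill.

Not the skill's own code. Hypothetical values: ALLOWED_DOWNLOAD_HOSTS, the
TRANSMISSION_* environment variable names and the NAS root used in __main__.
"""
import os
from pathlib import Path
from urllib.parse import urlparse

ALLOWED_DOWNLOAD_HOSTS = frozenset({"api.m-team.cc"})  # assumption: set to the host you use
TRANSMISSION_USER_ENV = "TRANSMISSION_USER"            # assumption
TRANSMISSION_PASS_ENV = "TRANSMISSION_PASSWORD"        # assumption


def validate_download_url(url: str) -> str:
    """Gate the tainted value before it reaches requests.get().

    The download URL comes back from the tracker API, so it is network input:
    only HTTPS, on an allowlisted host, with no embedded credentials, may be fetched.
    """
    parsed = urlparse(url)
    if parsed.scheme != "https":
        raise ValueError(f"refusing non-HTTPS download URL: {url!r}")
    host = (parsed.hostname or "").lower()
    if host not in ALLOWED_DOWNLOAD_HOSTS:
        raise ValueError(f"refusing download URL on unexpected host: {host!r}")
    if parsed.username or parsed.password:
        raise ValueError("refusing download URL with embedded credentials")
    return url


def load_transmission_credentials(env=None) -> tuple[str, str]:
    """Read the Transmission RPC login from the environment, never from source."""
    env = os.environ if env is None else env
    missing = [k for k in (TRANSMISSION_USER_ENV, TRANSMISSION_PASS_ENV) if not env.get(k)]
    if missing:
        raise RuntimeError(f"missing Transmission credentials in environment: {missing}")
    return env[TRANSMISSION_USER_ENV], env[TRANSMISSION_PASS_ENV]


def resolve_destination(nas_root: str, requested: str) -> Path:
    """Confine the download directory to the NAS root; rejects '..' and absolute paths."""
    root = Path(nas_root).resolve()
    dest = (root / requested).resolve()
    if dest != root and root not in dest.parents:
        raise ValueError(f"destination {dest} escapes NAS root {root}")
    return dest


def human_size(num_bytes: int) -> str:
    """Render a byte count as B/KiB/MiB/... for the preview line."""
    units = ["B", "KiB", "MiB", "GiB", "TiB"]
    size = float(num_bytes)
    for unit in units:
        if size < 1024 or unit == units[-1]:
            return f"{size:.1f} {unit}"
        size /= 1024
    return f"{size:.1f} {units[-1]}"


def download_preview(title: str, size_bytes: int, dest: Path) -> str:
    """The text the agent must show before any state-changing step."""
    return (
        f"Title: {title}\n"
        f"Size: {human_size(size_bytes)}\n"
        f"Destination: {dest}\n"
        "Add this torrent to Transmission? [y/N]"
    )


def guarded_add(title, size_bytes, download_url, nas_root, requested_dir, ask, add_torrent):
    """Validate, preview, confirm, then (and only then) perform the state change.

    ask(preview) returns the user's answer; add_torrent(url, dest) does the real work.
    Returns True only if the torrent was added.
    """
    url = validate_download_url(download_url)
    dest = resolve_destination(nas_root, requested_dir)
    answer = ask(download_preview(title, size_bytes, dest))
    if answer.strip().lower() != "y":  # anything but an explicit 'y' is a no
        return False
    add_torrent(url, dest)
    return True


if __name__ == "__main__":
    # Constructed inputs for a dry run; nothing is downloaded or written.
    added = guarded_add(
        title="Example.Release.2024",
        size_bytes=1536,
        download_url="https://api.m-team.cc/download/123",  # hypothetical URL
        nas_root="/srv/nas/downloads",                       # hypothetical NAS root
        requested_dir="movies",
        ask=lambda preview: (print(preview), "n")[1],
        add_torrent=lambda url, dest: print("would add", url, "->", dest),
    )
    print("added:", added)
```

`resolve_destination` resolves both paths before comparing them, so a symlinked NAS mount is judged by where it actually points; if the Transmission daemon sees a different mount path than the skill (the NAS path-mapping problem the overview mentions), that mapping still has to be checked separately on the Transmission side.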

VirusTotal

65/65 vendors report this skill as clean (no detections).