ClawHub

API Endpoint Tester

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward user-run REST API testing tool, with expected network and optional local output behavior but documentation should handle secrets more carefully.

Install only if you need a generic API testing CLI. Verify the exact URL, method, body, and headers before running it, use staging or test credentials for DELETE/PUT/PATCH and authenticated requests, and avoid putting real production tokens directly in shell commands that may be saved in history or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation describes capabilities that perform outbound network requests and likely writes output/results, yet no permissions are declared. This creates a transparency and policy-enforcement gap: users and platforms may not realize the skill can transmit data externally or persist data, increasing the risk of misuse or accidental exposure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly accepts arbitrary headers and request bodies, including examples with Authorization headers and user data, but does not warn that these values will be transmitted to remote endpoints. This omission can mislead users into sending secrets, tokens, PII, or internal data to external services without informed consent.

Ssd 3

Medium
Confidence
93% confidence
Finding
The documentation shows a bearer token inline on the command line, which encourages users to pass secrets directly in shell history, terminal logs, screenshots, and transcripts. Even if the token is only illustrative, this pattern normalizes insecure secret handling and can lead to credential exposure in real use.

Ssd 3

Medium
Confidence
96% confidence
Finding
The authenticated DELETE example includes a JWT-like bearer credential directly in the command, which is especially risky because it combines sensitive authentication material with a destructive operation. Users may copy the pattern verbatim, causing tokens to be retained in logs, shell history, CI output, or shared documentation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal