EngageLab OTP

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed EngageLab OTP helper that can send real messages and manage templates, so it should be used carefully but does not show hidden or malicious behavior.

Install this only if you intend to work with an EngageLab OTP account. Use test or least-privilege credentials when possible, confirm recipients and costs before sending messages, verify template IDs before deletion, and protect callback endpoints with HTTPS plus signature or authorization checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly instructs the agent to make outbound API calls to EngageLab, but no explicit permissions are declared. That mismatch can bypass expected permission/consent boundaries and make networked data transfer less visible to users or policy enforcement layers. In a skill that handles OTPs, recipient identifiers and verification data are sensitive enough that undeclared network capability is a meaningful security issue.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrases are very broad and include generic terms like 'send otp', 'verify otp', 'otp api', and channel names, which can cause the skill to activate for loosely related requests. Unintended invocation matters here because the skill can generate code, prepare outbound requests, and guide transmission of sensitive authentication data to an external provider. The OTP context increases risk because mistakes affect authentication workflows and personal contact data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill encourages sending OTPs, custom messages, and configuring callbacks through an external service without clear user-facing disclosure that phone numbers, email addresses, message content, and webhook endpoints will be transmitted outside the local environment. This is a real privacy and security concern because OTP workflows process sensitive contact and authentication-related data. The callback feature further increases exposure by involving inbound webhooks and event payloads.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation shows callback payloads containing sensitive data such as operator email, API keys, IP addresses, and message contents, but provides no guidance on minimizing, redacting, storing, or logging these values safely. In an OTP platform context, callback handlers are likely to be integrated into production systems, so omission of secure-handling guidance increases the risk of credential leakage, privacy exposure, and insecure audit logging.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
**Get details** — `GET /v1/template-configs/:templateId` (returns full template with channel configs)

**Delete** — `DELETE /v1/template-configs/:templateId`

### Template Status
Confidence
88% confidence
Finding
`DELETE /v1/template-configs/:templateId`

VirusTotal

64/64 vendors flagged this skill as clean.
