ClawHub
Back to skill

Security audit

rhythm-master

Security checks across malware telemetry and agentic risk

Overview

This is a playable rhythm game, but its online leaderboard setup can expose player score data and a Firebase database to public tampering if followed as written.

The local HTML game is reasonable to try, preferably with non-personal player names. Treat the online leaderboard instructions as unsafe for public use until Firebase rules are locked down, writes are validated and rate-limited, users are told what data is uploaded, and there is a way to manage or delete stored scores.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (11)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The documentation broadens a local rhythm game into an Internet-connected service with real-time global data synchronization and persistent storage. Expanding network exposure changes the security and privacy posture significantly, especially because later steps instruct insecure database rules, making the added functionality materially riskier than the original local-only skill description.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The guide instructs users to deploy the game on public hosting platforms, making the application and its leaderboard broadly reachable on the Internet. In context, this amplifies abuse potential because the same document recommends permissive Firebase rules, so public deployment turns an insecure demo into an exposed production-like service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The tutorial encourages a globally accessible leaderboard that stores player-submitted data and displays it publicly, but it does not adequately warn about privacy, data retention, or exposure risks. Combined with anonymous public read/write guidance, users may unintentionally collect and publish personal data such as names or behavioral metadata without consent or controls.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This section explicitly proposes a networked leaderboard that uploads player score data, names, combo stats, difficulty, and date to remote infrastructure, but it provides no privacy notice, retention guidance, access control, or data-minimization advice. In a game context this is not code execution or direct compromise, but it can still lead to unnecessary collection and exposure of user-identifying gameplay data if implemented as written.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation examples include broad phrases like wanting to play a game or test reflexes, which can cause the skill to activate in response to generic entertainment requests rather than an explicit request for this specific rhythm game. Overbroad invocation increases the chance of unintended skill execution and can surprise users, especially because the skill may open interactive content or steer the conversation away from the user's actual intent.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The skill documents persistent local leaderboard storage but does not clearly warn users that names and scores are retained in browser LocalStorage. While this is low sensitivity data in context, silent persistence can still create privacy surprises on shared devices and may conflict with user expectations about ephemeral gameplay.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The online leaderboard instructions describe sending score data to Firebase or another backend without any privacy notice, consent flow, or guidance on limiting collected data. Once external transmission is enabled, player identifiers and gameplay statistics may leave the local device and be retained by third parties, creating a real privacy and compliance risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The game submits player-entered names and detailed gameplay statistics to Firebase with no prior consent, privacy notice, or clear disclosure that data leaves the device. In a casual game context, users may reasonably expect local-only behavior, so silent transmission of identifiers and behavioral data creates privacy and transparency risk.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The document specifies storing player names and gameplay statistics in LocalStorage and submitting them to a backend API, but provides no notice, consent flow, retention guidance, or privacy/security requirements. Even though the data is not highly sensitive by default, player names can be personal data and backend submission expands exposure through collection, transmission, and possible misuse or leakage.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document provides concrete guidance for sending player names and gameplay statistics to Firebase or a custom backend, but it does not instruct implementers to disclose that this data leaves the user's device or to obtain consent. In a game context this may seem low sensitivity, but player identifiers, scores, dates, and potentially IP-linked metadata are still personal or behavioral data, so silent transmission creates privacy and compliance risk.

Ssd 3

Medium
Confidence
97% confidence
Finding
Leaderboard rows are built with innerHTML using playerName loaded from localStorage, which is attacker-controlled within the origin. A crafted name such as HTML or script-capable markup can trigger DOM XSS when the leaderboard is viewed, enabling script execution in the page context and access to same-origin data like localStorage.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal