ClawHub

network-device-scanner

Security checks across malware telemetry and agentic risk

Overview

This skill is a local network scanner, but it can actively probe a fixed private subnet and extra targets without clear user confirmation or tight scope controls.

Install only if you intentionally want active device and port discovery on a network you own or administer. Confirm the exact target range before running it, avoid setting SCAN_EXTRA_IPS unless you mean to scan those hosts, and do not use the Windows PowerShell instruction unless a reviewed scan.ps1 is actually supplied.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The hard-coded extra target IP causes the tool to probe a specific host regardless of normal discovery results, which exceeds a generic LAN-scanning purpose and can single out a device for unauthorized enumeration. In a network-scanning skill, embedding a fixed target is suspicious because it enables undisclosed surveillance of a particular host and may violate user expectations or local policy.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill reads SCAN_EXTRA_IPS from the environment and unconditionally adds those addresses to the target set, allowing scanning beyond normal LAN discovery behavior. In an agent environment, this creates a covert policy-bypass channel where deployment-time configuration can silently expand the scan scope to arbitrary internal or external hosts.

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The documentation claims the tool is only for the user's own network, but the code does not enforce ownership or even subnet-policy constraints on all target sources. Security-sensitive tools should not rely on comments for access control, because this mismatch can lead to unauthorized scanning when reused in broader agent workflows.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases are broad enough to match ordinary conversation about nearby devices or networks, which could cause the skill to launch active network and port scanning without clear, specific intent from the user. In the context of a scanner, overbroad activation materially increases the risk of unauthorized or surprising reconnaissance on the local network.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description does not clearly warn that the skill performs active host discovery and TCP port scanning on the local network. Because active scanning can be sensitive, disruptive, or policy-violating in managed environments, failing to prominently disclose this behavior undermines informed consent and increases the chance of misuse.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill actively enumerates local devices and probes ports without any user-facing notice about network probing or collection of device identifiers such as IPs, MACs, and inferred device types. In this context, the behavior is more sensitive because the skill is explicitly designed to inspect nearby systems, so lack of disclosure and consent increases privacy, policy, and misuse risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal