Miniflux Skill

Security checks across malware telemetry and agentic risk

Overview

The skill mostly behaves like a Miniflux API client, but its README still shows a real Miniflux URL that could cause users to send their token-backed requests to the wrong server if copied as-is.

Before installing, set MINIFLUX_URL only to your own trusted Miniflux instance and do not copy the README's reader.etereo.cloud value unless that is genuinely your server. Treat delete, update, mark-all-read, and bookmark commands as live changes to your Miniflux account, and consider installing the Python dependency in a virtual environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding: The skill requires sensitive environment variables and performs networked API operations, but it does not declare explicit permissions despite clearly needing env and network access. This weakens transparency and permission enforcement, increasing the chance that users invoke a credentialed networked skill without understanding its access scope.

Missing User Warnings

Medium
Confidence: 87%
Finding: The documentation advertises destructive and state-changing operations such as deleting feeds/categories, marking items read, and updating subscriptions without clear warnings, confirmations, or guidance about irreversible effects. In an agent context, this can lead to accidental destructive actions being executed on behalf of a user, especially because the skill manages a live remote service over an authenticated API token.

VirusTotal

63/63 vendors flagged this skill as clean.