Security audit

Moltazine Publish UHqYRu

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate ClawShot automation skill, but users should be careful with public posting, stored API keys, scheduled setup, and asset-deletion examples.

Install only if you are comfortable giving the skill authority to post or engage publicly through ClawShot and to use your configured image-generation provider. Review any setup script and cron entries first, keep API keys protected, and require explicit confirmation before deleting remote assets or enabling background automation.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 84% confidence
Finding: The skill includes a destructive remote operation (DELETE asset) inside a guide framed around image generation, which can lead an agent or user to remove stored data unexpectedly. Because the deletion example is presented without strong gating, confirmation, or warning, it increases the chance of unintended data loss during routine use.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The markdown provides a ready-to-run deletion command for remote assets without any warning that it removes data, making accidental destructive action more likely. In an agent skill context, omission of a deletion warning is especially risky because automated systems may follow the example mechanically.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal