National Laws and Regulations Knowledge Base Search (国家法律法规知识库检索)

Security checks across malware telemetry and agentic risk

Overview

This legal-search skill appears useful and purpose-aligned, but it sends potentially sensitive legal questions to an external API with limited disclosure and a hardcoded bearer token.

Review before installing. Use this only if you are comfortable sending legal questions to the OrientLaw-hosted API, avoid including names or sensitive case details, and treat the embedded bearer token as a credential that should be rotated and moved out of source before broad distribution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 87%
Finding: The skill declares a Python dependency on requests and explicitly instructs execution of a retrieval script that calls a vector-search API, but no permissions are declared. Hidden network capability increases the risk of unreviewed outbound requests, data exfiltration of user legal queries, and bypass of platform trust controls. In a legal-assistant context, user inputs may contain sensitive personal or case details, which makes undeclared network access more concerning.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding: The trigger conditions are very broad: any legal question, regulation lookup, legal consultation, or legal Q&A may activate the skill. Overbroad triggering can cause the agent to invoke external retrieval during ordinary conversation without clear user intent, sending unnecessary user content to the knowledge service and increasing privacy and prompt-routing risk. Because this skill performs network-backed search, accidental activation is more dangerous than a purely local formatting skill.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The script sends the user's legal query to a third-party external API without any explicit user-facing disclosure or consent mechanism. Legal queries can contain highly sensitive personal, employment, criminal, or contractual information, so undisclosed transmission creates a real privacy and data-governance risk even though the network call is central to the tool's purpose.

VirusTotal

64/64 vendors flagged this skill as clean.
