Book Carpet Cleaning

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple carpet-cleaning booking helper that uses a third-party booking endpoint and expected contact details, with no evidence of hidden code, persistence, or unrelated data access.

Before installing, be comfortable with the agent contacting Lokuli and sharing booking details such as your name, email, phone number, location, selected provider, service, and time slot. The agent should ask for explicit confirmation before it sends contact details or creates a booking.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill is configured to trigger on broad phrases like general carpet-cleaning requests, which can cause unintended activation when a user is only seeking information rather than authorizing a booking workflow. In this context, overbroad activation is risky because the skill can lead into provider search and booking flows that involve external service interaction and downstream handling of personal data.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill includes a create_booking flow that transmits customer name, email, and phone number to a third-party MCP endpoint, but the skill text provides no user-facing disclosure or consent language about this data sharing. This is dangerous because users may unknowingly provide personally identifiable information that is sent off-platform to an external service, creating privacy, compliance, and trust risks.

VirusTotal

64/64 vendors flagged this skill as clean.
