Claw Secure Auditor

Security checks across malware telemetry and agentic risk

Overview

This is a read-only local scanner, but its audit results are not reliable: it can automatically mark any folder that shares its own name as safe without scanning it.

Install only if you treat it as a lightweight local regex checker, not a dependable security verdict. Do not rely on its Safe result, avoid providing a VirusTotal API key for this version, and run it only on specific folders you intend to inspect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill advertises executable capabilities such as shell access and file reads in its documented usage/metadata, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users and hosting platforms may underestimate what the skill can access, and the tool audits arbitrary local paths while also supporting external reputation queries, making undeclared capability especially risky in a security-sensitive auditor.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The auditor unconditionally treats any target whose directory name matches its self-whitelist as safe, skips scanning, assigns a perfect score, and reports a safe risk level. This creates a trust-bypass where a malicious skill can evade analysis simply by being named 'claw-secure-auditor', defeating the stated purpose of the security tool.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The 'Self-whitelist' logic is not just a misleading comment; it documents an intentional, unconditional trust path in a security-sensitive tool. In an auditor, any hardcoded exemption undermines the integrity of results and can mislead users into trusting unscanned content.

VirusTotal

64/64 vendors flagged this skill as clean.
