Knowledge Graph - Rest Api Wrapper Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent REST API generator, but its examples promote risky production patterns for database APIs without enough safeguards.

Review carefully before installing or using this as a production template. Treat the generated APIs as scaffolding only: require authentication and authorization, avoid arbitrary query endpoints, parameterize database queries, bind local development servers to localhost, restrict webhooks, and add deletion safeguards before deployment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The file repeatedly markets the examples as 'production-ready' and following best practices, but the Python snippets construct Cypher queries with f-strings using user-controlled values such as user_id, category, product_id, sort, offset, and limit. This can mislead users into deploying insecure code and enables Cypher injection, query manipulation, data exfiltration, or destructive graph operations if copied into real services.

Intent-Code Divergence

Low
Confidence: 87%
Finding
The summary claims all examples follow authentication best practices, but several example APIs later omit any authentication requirements entirely. This is dangerous because readers may assume unauthenticated administrative or data-modifying endpoints are acceptable and reproduce that design in real deployments.

Missing User Warnings

Medium
Confidence: 87%
Finding
The README demonstrates starting the API server on 0.0.0.0 and exposes a generic query endpoint for graph database access, but it does not warn that this makes the service reachable beyond localhost and can expose sensitive graph data if deployed as shown. In a generator meant to produce production-ready REST wrappers, unsafe-by-example guidance is likely to be copied directly into real deployments, increasing the chance of unintended external exposure or abuse of powerful query functionality.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill includes create, update, and delete API patterns for graph data but does not warn that generated endpoints can modify or permanently delete production records. In a code-generation context, omission of such warnings increases the chance that a user deploys destructive operations without safeguards, confirmation flows, or backup/rollback planning.

Missing User Warnings

Medium
Confidence: 95%
Finding
The custom query execution endpoint allows clients to submit arbitrary database queries over HTTP, which can expose sensitive graph data, enable unauthorized data modification, or facilitate denial-of-service through expensive queries. In this skill's context, auto-generating such an endpoint without strong warnings and restrictions is especially dangerous because it normalizes a highly risky design as a standard feature.

Missing User Warnings

Medium
Confidence: 90%
Finding
The webhook feature describes sending callbacks to external URLs without warning that graph data or event metadata may be transmitted to third-party endpoints. This can lead to unintended data exfiltration, privacy violations, SSRF-style abuse, or trust boundary violations if callback destinations are not tightly controlled.

VirusTotal

65/65 vendors flagged this skill as clean.
