ClawHub

CCDB Factor Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent CCDB carbon-factor lookup helper that uses a disclosed external Carbonstop API, with privacy caution needed for proprietary search terms.

Install only if you are comfortable sending carbon-factor search keywords to Carbonstop's CCDB service. Avoid entering confidential BOM, supplier, product, or process details unless that disclosure is acceptable, and treat returned factors as decision support requiring review for formal reporting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs use of local scripts and explicit network calls but does not declare permissions, creating a mismatch between the apparent trust boundary and actual capabilities. This can cause agents or reviewers to underestimate that user inputs may be transmitted off-platform or processed by executable tooling.

Natural-Language Policy Violations

Medium
Confidence
89% confidence
Finding
Proactive activation when the user did not explicitly request factor lookup can cause the skill to act on inferred intent and inject external-data-driven outputs into workflows without clear user consent. In a carbon accounting or LCA context, this increases the chance of incorrect factor selection, hidden assumptions, and unintended tool use that can materially affect calculations or compliance-oriented outputs.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The metadata says the skill should activate proactively for broad carbon-footprint and accounting tasks even when the user did not ask to search factors. Overbroad auto-activation can cause unintended external queries and unnecessary disclosure of user business data to the referenced service.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The proactive trigger section covers general LCA, PCF, and supply-chain estimation scenarios without strong limiting conditions. In practice this increases the chance the skill runs on sensitive enterprise data sets and initiates lookups the user did not knowingly request.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script derives search terms and constraints from user input and transmits them to an external Carbonstop API, but the code does not surface any consent, disclosure, or minimization step before sending potentially sensitive business queries. In this skill context, user requests may contain proprietary product, supply-chain, regional, or accounting details, so silent exfiltration to a third-party service creates a real privacy and data-governance risk even if the API call is the intended functionality.

External Transmission

Medium
Category
Data Exfiltration
Content
import hashlib, requests
keyword = "电力"
sign = hashlib.md5(("mcp_ccdb_search" + keyword).encode()).hexdigest()
resp = requests.post("https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp",
    json={"sign": sign, "name": keyword, "lang": "zh"})
print(resp.json())
```
Confidence
95% confidence
Finding
requests.post("https://

External Transmission

Medium
Category
Data Exfiltration
Content
import hashlib, requests
keyword = "电力"
sign = hashlib.md5(("mcp_ccdb_search" + keyword).encode()).hexdigest()
resp = requests.post("https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp",
    json={"sign": sign, "name": keyword, "lang": "zh"})
print(resp.json())
```
Confidence
95% confidence
Finding
requests.post("https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp", json=

External Transmission

Medium
Category
Data Exfiltration
Content
If `scripts/query_ccdb.py` is missing or fails to run, fall back to a direct API call:

```bash
curl -s -X POST https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp \
  -H 'Content-Type: application/json' \
  -d '{"sign":"<md5(\"mcp_ccdb_search\"+keyword)>","name":"<keyword>","lang":"zh"}'
```
Confidence
94% confidence
Finding
curl -s -X POST https://gateway.carbonstop.com/management/system/website/searchFactorDataMcp \ -H 'Content-Type: application/json' \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal