Mixpanel Analytics

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Mixpanel analytics helper that uses disclosed Mixpanel credentials to run user-requested analytics queries, including sensitive profile and raw event exports.

Install only if you want an agent to query your Mixpanel project. Use a least-privileged Mixpanel service account, avoid broad raw exports unless necessary, and treat profile and event output as potentially sensitive customer or product analytics data that may be captured in terminal logs or agent transcripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill clearly relies on environment variables containing credentials and performs outbound network access, but the file does not declare permissions or explicitly scope those capabilities. That creates a governance and review gap: operators may approve or invoke the skill without realizing it can read secrets and transmit data externally.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The description advertises access to user profiles and raw event export, both of which can involve personal or sensitive behavioral data, but it provides no privacy warning, data-minimization guidance, or usage constraints. In practice, this can normalize broad access to PII-like analytics data and increase the chance of inappropriate queries or over-collection.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The example shows direct use of service account credentials in a network request without warning users about secret handling, shell history exposure, or the sensitivity of transmitted analytics data. Even though the request is to Mixpanel over HTTPS, embedding operational credential usage in examples without precautions increases the risk of accidental disclosure or misuse.

Missing User Warnings

Medium
Confidence
78% confidence
Finding
The profile command retrieves and prints potentially sensitive user profile attributes directly to stdout with no minimization, redaction, confirmation step, or warning. In an agent or shared terminal context, this can expose PII or internal customer data to logs, transcripts, or downstream tools that capture command output.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The export command pulls raw analytics events and prints event names, timestamps, distinct IDs, and optionally full event payloads, all without any warning, redaction, or access guard. Because raw events frequently contain identifiers and custom properties, this creates a meaningful risk of bulk data exposure through console history, agent transcripts, or log aggregation systems.

VirusTotal

64/64 vendors flagged this skill as clean.
