Lemnos Cost Guard

Security checks across malware telemetry and agentic risk

Overview

This cost-monitoring skill appears purpose-aligned, but users should know it may read local logs/workspace content and write cost-tracking logs.

Install only if you are comfortable with the skill analyzing local session logs or workspace files to estimate spending. Prefer running it on intended projects only, review where it writes JSONL logs, and avoid using it in workspaces containing secrets or sensitive transcripts unless you have confirmed the logging scope.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill instructs the agent to run local scripts, read workspace content, and write JSONL logs, but it does not declare any permissions or trust boundaries. This mismatch can cause the host to invoke file read/write behavior without explicit user awareness, which is risky in an agent setting because the workspace path and log destinations may expose or persist sensitive data.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The description is broad enough that the skill may be auto-invoked for many generic questions about costs, budgets, or why costs are high, even when the user did not request filesystem scanning or cost logging. In this skill, that broad trigger surface is more dangerous because the documented workflow includes reading workspace content and writing persistent cost logs, so accidental invocation can lead to unnecessary data access or unintended state changes.

VirusTotal

66/66 vendors flagged this skill as clean.
