ClawHub

Enterprise Credit Check

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it needs review because it presents credit reports as official-source based while relying on manual or unverified inputs and embeds a private contact solicitation.

Install only if you treat this as a checklist/report template, not as an independently verified credit report. Require the agent or user to provide official source evidence for every finding, avoid entering sensitive credentials unless legally authorized, and do not share business or credit information through the embedded private contact unless you independently trust that party.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The skill claims to perform authoritative enterprise credit checks using official government and central-bank sources, but the content only describes a manual scoring/report template and does not evidence any actual integration, retrieval, or verification from those sources. In a due-diligence and credit-evaluation context, this can mislead users into relying on fabricated or unverified results for financial or legal decisions, and the undisclosed contact solicitation further increases trust-manipulation risk.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill includes off-platform contact/lead-generation text unrelated to the core function of returning a credit-check report. In a trust-sensitive compliance and due-diligence workflow, this can be used to divert users to unreviewed private channels, enabling social engineering, upselling, or collection of sensitive business information outside platform safeguards.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The generated report contains hard-coded positive statements such as '五维核查均无明显异常', fixed section conclusions, and a fixed final recommendation that do not reliably reflect the actual input data or computed risk_result. In a credit-check skill, this can misrepresent official-risk findings, causing users to trust a favorable report even when underlying data indicates elevated risk or disqualifying issues.

Context-Inappropriate Capability

Low
Confidence
97% confidence
Finding
The report injects unrelated contact and marketing content into a credit-check deliverable, which creates a trust-boundary violation in a compliance-sensitive workflow. In an enterprise due-diligence context, users may interpret the contact as endorsed remediation advice, enabling unwanted solicitation, data leakage to a private contact, or social-engineering follow-up.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal