Hutian Opc Technical Dd

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent due-diligence workflow, but it asks users to upload confidential deal materials and use IMA API credentials without clear permission, retention, or secret-handling safeguards.

Review before installing. Use this only if you are authorized to process the target company’s materials, understand where IMA stores uploaded files and reports, and can keep each client or deal isolated. Prefer read-only or local review for confidential documents, redact sensitive personal and financial data where possible, and store API keys in managed environment secrets rather than plaintext files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium, 86% confidence
Finding
The skill is presented as a due-diligence screening tool, but it also includes `import_doc` and `append_doc` operations into an external IMA knowledge base. That creates an unnecessary data-ingestion/write path for potentially confidential investment materials, increasing the risk of unauthorized retention, cross-project leakage, or accidental disclosure beyond the user's intent.

Context-Inappropriate Capability

Medium, 89% confidence
Finding
Providing knowledge-base write and maintenance capabilities is disproportionate to the stated purpose of initial technical due diligence, which mainly requires retrieval and analysis. Excess write access broadens the attack surface and could be misused to store sensitive customer documents, contaminate shared knowledge bases, or create persistent records without adequate governance.

Missing User Warnings

Medium, 91% confidence
Finding
The skill instructs users to collect and verify team members' background information, including public professional and academic records, without any privacy, consent, minimization, or jurisdictional compliance guidance. In a due-diligence context this can lead to overcollection of personal data, inappropriate profiling, or processing that violates internal policy or local privacy law.

Missing User Warnings

Medium, 94% confidence
Finding
The skill enables importing external documents and ingesting them into an API-backed knowledge base without warning that the materials may contain confidential business plans, technical documents, patent drafts, personal data, or investment-sensitive information. In this context, silent ingestion is more dangerous because due-diligence materials are often highly sensitive and may be subject to NDA, trade-secret, or regulatory obligations.

Missing User Warnings

Medium, 91% confidence
Finding
This section instructs users to import customer documents into IMA, which can transfer potentially sensitive business, technical, personnel, patent, and financial data into a persistent knowledge base without any consent, retention, or confidentiality warning. In a due-diligence context, these materials are especially likely to contain non-public information, so silent ingestion and later write-back increase privacy, confidentiality, and unauthorized data-handling risk.

Missing User Warnings

Medium, 93% confidence
Finding
The workflow tells operators to source authentication material from `SECRET.md` or environment variables but provides no warning about least-privilege handling, storage risks, or prohibitions on exposing those values in prompts, logs, or generated reports. Because this skill is designed to orchestrate multiple API calls, normalizing direct credential retrieval without guardrails increases the chance of accidental secret disclosure or unsafe secret management.

VirusTotal

65/65 vendors flagged this skill as clean.