Dripcel

Security checks across malware telemetry and agentic risk

Overview

This marketing-automation skill should be reviewed because it appears to mix Dripcel branding with Drip API behavior while enabling bulk messaging and destructive contact actions.

Review before installing. Confirm whether this is for Dripcel or Drip, verify the connection URL and required credentials, and only grant access if the skill clearly requires confirmation before sending messages, uploading contacts, bulk changing records, opting contacts out, or deleting data. VirusTotal was pending, so it was not used as a negative signal.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The skill is labeled as a Dripcel integration, but the body documents Drip APIs and capabilities, creating a clear identity and behavior mismatch. This can cause an agent or user to connect to the wrong service and invoke unintended actions such as messaging, contact uploads, or deletions against an unexpected third-party system.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation description is overly broad and can match vague requests to 'interact with Dripcel data,' increasing the chance the skill is selected for underspecified prompts. In combination with the mismatched service documentation and powerful actions, this broad routing can lead to unintended access, data modification, or outbound communications without clear user intent.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill prominently advertises destructive and outbound actions like bulk email, SMS, delete, bulk update, and opt-out operations without requiring confirmation or warning about their side effects. In an agent setting, this materially increases the risk of accidental spam, data loss, unauthorized contact changes, or compliance-impacting messaging actions.

VirusTotal

61/61 vendors flagged this skill as clean.
