ClawHub

Gobiolink

Security checks across malware telemetry and agentic risk

Overview

This Gobio.link skill is a real integration, but it gives broad authenticated power to change or delete account data without clear safeguards.

Install only if you intend to connect an agent to your Gobio.link account through Membrane. Before use, require explicit approval for every create, update, delete, or proxy request, verify target IDs and endpoints, and consider pinning the Membrane CLI version in controlled environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The manifest describes the skill as managing organizations and users, but the body exposes broader capabilities including links, projects, QR codes, form data, and deletion operations. This scope mismatch can mislead users or higher-level agents into granting trust or invoking the skill for narrower purposes than it actually supports, increasing the chance of unintended sensitive or destructive actions.

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The generic proxy request feature allows arbitrary API interaction beyond the enumerated actions, effectively expanding the skill into a broad authenticated request primitive. When a skill advertises a narrower integration scope but includes unrestricted proxying, an agent may unknowingly perform sensitive, undocumented, or destructive operations against the connected service.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill prominently lists destructive actions such as deleting data, projects, QR codes, and links without any requirement for confirmation, warning about irreversible effects, or guidance to verify target identifiers. In an agent-driven workflow, this materially increases the risk of accidental data loss from ambiguous prompts, wrong IDs, or over-broad automation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal