ClawHub

Kingsumo

Security checks across malware telemetry and agentic risk

Overview

This KingSumo skill is a plausible Membrane integration, but its description is mismatched and it gives broad authenticated API access without clear guardrails.

Review before installing. Use this only for KingSumo giveaway, contestant, analytics, and current-user workflows. Prefer listed Membrane actions over raw proxy requests, require explicit approval before any create, update, or delete operation, and revoke the Membrane/KingSumo connection when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The manifest description claims broad CRM-style capabilities such as managing persons, organizations, deals, and leads, but the documented functionality is limited to KingSumo giveaways, contestants, and analytics. This mismatch can cause the agent to invoke the skill in unrelated contexts and mis-handle user data or take incorrect actions based on false assumptions about available capabilities.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The file advertises generic CRM record management, while the operative instructions and available actions only support giveaway-centric operations. In an agent setting, this semantic mismatch increases the chance of incorrect tool selection, failed operations, or unintended disclosure/manipulation attempts against the wrong service context.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The invocation text is overly broad: 'Use when the user wants to interact with KingSumo data' combined with the inaccurate CRM-style description can trigger the skill for many unintended requests. Overbroad activation criteria are dangerous in agent systems because they expand the tool's execution surface and increase the risk of wrong-tool usage and unintended external actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal