Lattice

Security checks across malware telemetry and agentic risk

Overview

This Lattice skill is not malicious, but it asks for broad access to sensitive HR data without clear boundaries or confirmation rules.

Install only if you trust the Membrane/Lattice connection and can limit it to appropriate HR permissions. Require explicit user approval before creating, updating, deleting, or proxying requests, and do not rely on the broad entity list as an accurate statement of supported Lattice data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The overview claims support for an implausibly broad universe of entities far beyond a normal Lattice integration, including many sensitive and unrelated domains. This can mislead an agent or operator about the skill’s authority and suitable use cases, increasing the chance of overbroad invocation, unsafe data handling, or accidental transmission of sensitive information under false assumptions about supported scope.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation text says to use the skill whenever the user wants to interact with Lattice data, which is extremely broad for an HR platform containing sensitive employee information. Overly permissive routing language can cause the skill to activate for generic requests and perform networked access to confidential records without enough task-specific scoping or user confirmation.

Missing User Warnings

High
Confidence: 97%
Finding
This skill can access and transmit sensitive HR and employee data over the network, yet the description does not warn about that sensitivity or the external data transfer. In an HR context, missing disclosure materially increases the risk of users or orchestrators invoking the skill without understanding that personnel records, reviews, notes, and related data may be queried or modified remotely.

VirusTotal

60/60 vendors flagged this skill as clean.
