Morningmate

Security checks across malware telemetry and agentic risk

Overview

This skill is a real-looking Morningmate/Membrane integration, but its scope is inconsistent and it gives broad authenticated API power without clear guardrails.

Install only if you trust Membrane and intend to connect a Morningmate account through it. Before using it, define which Morningmate resources are in scope and require explicit approval before creating, updating, deleting, inviting users, changing organization data, or sending raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Description-Behavior Mismatch

Medium (89% confidence)

The manifest says the skill is for managing Users and Organizations, but the body describes a Morningmate productivity integration and exposes broad generic action/proxy capabilities. This mismatch can cause an agent to invoke the skill in the wrong context and then perform unintended operations against an external connection, increasing the risk of over-privileged or irrelevant actions.

Intent-Code Divergence

Medium (86% confidence)

The file contradicts itself about what product is being integrated and what data it manages, mixing user/organization management with a morning-routine SaaS description. In security-sensitive agent routing, inconsistent identity and scope information can mislead the model into trusting the wrong API surface or handling data it was not meant to access.

Vague Triggers

Medium (80% confidence)

The activation condition 'Use when the user wants to interact with Morningmate data' is overly broad and provides little constraint on what intents are appropriate. Over-broad triggering can cause the agent to select this skill for ambiguous requests and then use its generic CLI/proxy features to access or modify external data beyond the user's intended task.

VirusTotal

63/63 vendors flagged this skill as clean.
