ClawHub

Polymer

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it mixes an unclear Polymer identity with live Membrane actions that can affect connected accounts.

Review before installing. Confirm what Polymer service this connector actually controls, inspect the Membrane permission prompt, and require explicit approval before the agent creates or runs any action that could change records, workflows, or external account data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

High
Confidence
95% confidence
Finding
The skill metadata says this is a Polymer data integration via Membrane, but the body describes the unrelated Polymer JavaScript UI library and its object model. This mismatch can cause an agent or user to invoke the skill under false assumptions, increasing the chance of unintended authenticated network actions against an external account.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The contradictory documentation mixes an integration skill with content about the Polymer JavaScript library, creating ambiguity about the skill's purpose and behavior. In an agent setting, ambiguity is dangerous because it can lead to selecting the skill for the wrong task and then executing real operations on a connected third-party account.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The description 'Manage data, records, and automate workflows' is broad enough to match many generic user requests, which can cause over-triggering of a network-capable skill. Over-broad routing increases the risk of unnecessary external actions or disclosure of account-connected data when a narrower, safer tool would suffice.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill tells the agent how to authenticate and connect to an external service but does not prominently warn that commands perform real networked operations against user-linked accounts. Without explicit notice and consent language, users may not understand that listing, creating, or running actions can affect live external systems.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal