Back to skill

Security audit

myClub

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but its optional debug mode can leave authenticated pages and session cookies in local files without enough warning or protection.

Install only if you are comfortable storing your myclub.fi password locally and using this on a trusted machine. Avoid --debug unless necessary, delete any /tmp/myclub-* debug files afterward, and remove ~/.myclub-config.json when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The debug helper writes full authenticated HTML responses and session cookies to predictable local files, including /tmp paths used during login and schedule fetches. Those artifacts can expose account data and reusable session tokens to other local users, backups, crash collectors, or later malware, which exceeds the tool's stated purpose of fetching schedules.

Intent-Code Divergence

Low
Confidence
81% confidence
Finding
The manifest claims the config is accessed with mode 0600, but load_config() simply opens the file and never verifies that permissions are actually restricted. If the credentials file is world- or group-readable due to prior misconfiguration, local users or processes could read stored myclub.fi credentials.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Debug mode stores sensitive authenticated content and cookie values to disk without clear upfront warning that these files may contain secrets and personal schedule data. Because this skill handles login credentials and authenticated web sessions, silent debug persistence materially increases the chance of credential/session leakage beyond normal operation.

Ssd 3

Medium
Confidence
96% confidence
Finding
The 'page state dump' behavior writes raw HTML and cookies in plain files, making authenticated session state easy to inspect and potentially reuse. In the context of a skill that logs into a third-party account and accesses private schedule information, this creates a real confidentiality and session-hijacking risk on the local machine.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.