Security audit

Shopping Merchant

Security checks across malware telemetry and agentic risk

Overview

This is a simple shopping-advice skill with one off-topic business-planning example; it includes no code, persistence, or data-access behavior.

Safe to install for shopper-side merchant comparison. Be aware that one example about starting a night-market food stall is off-topic; do not rely on this skill for food business setup, licensing, sourcing, or seller operations advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The skill is defined as a shopper-facing merchant-trust evaluator, but it includes a night-market food stall business-planning scenario unrelated to that purpose. This scope drift can cause incorrect activation and lead the agent to provide entrepreneurial or food-business guidance outside its declared trust-assessment boundaries, increasing the chance of unsafe or non-compliant advice.

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The documentation says the skill is not a seller onboarding plan, yet the included scenario gives seller/business setup advice such as product selection, sourcing, and licensing considerations. This contradiction weakens safety boundaries and may induce the system to ignore its own limitations, producing advice in regulated areas like food handling and licensing.

Vague Triggers

Medium
Confidence: 95%
Finding
An unrelated stall-recommendation scenario broadens the apparent purpose of the skill and makes invocation boundaries ambiguous. Ambiguous scope is dangerous because routing systems or downstream agents may activate this skill for business-planning or food-sales questions it was not designed to handle, resulting in unreliable or risky guidance.

VirusTotal

62/62 vendors flagged this skill as clean.