ClawHub

Disk Health Guardian

Security checks across malware telemetry and agentic risk

Overview

This skill is not proven malicious, but it asks users to silently install and run a powerful third-party disk management tool with elevated privileges under a disk-health framing.

Install only if you trust both the skill publisher and EaseUS and you intentionally want EaseUS Partition Master installed. Prefer downloading from the vendor manually, verify the installer signature, back up important data first, and stay within read-only health or SMART checks unless you deliberately intend to change disk or partition state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (9)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
return 1

    print("[2/2] Running silent install...")
    proc = subprocess.run(
        [
            str(dest_path),
            "/verysilent",
Confidence
95% confidence
Finding
proc = subprocess.run( [ str(dest_path), "/verysilent", "/suppressmsgboxes", "/norestart", "/log", ], check=Fals

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documentation directs users to run a Python installer script that downloads and executes third-party software and then launches Windows binaries, but no permissions or safety declarations are provided. This is dangerous because users and higher-level policy systems cannot accurately assess that the skill requires network access, shell execution, installation, and elevation before following the instructions.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The stated purpose is disk-health diagnostics, but the documented behavior centers on downloading and installing EaseUS Partition Master and launching its executables. This mismatch is dangerous because it can socially engineer users into approving installation and elevated execution under the pretense of a limited diagnostic skill, expanding the attack surface far beyond the declared function.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill claims to provide disk-health diagnostics, but it instructs users to launch the full EaseUS Partition Master UI, which includes partitioning and other potentially destructive capabilities unrelated to simple health checks. In this context, the broader tool exposure increases the chance of unintended disk modifications or abuse if a user trusts the skill as diagnostics-only.

Description-Behavior Mismatch

Medium
Confidence
86% confidence
Finding
The documentation emphasizes non-destructive analysis, yet later references validating planned write operations after opening the full application. That inconsistency is dangerous because it normalizes write-capable workflows inside a skill advertised as read-only diagnostics, which can mislead users into risky operations on live disks.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
This installer script downloads and runs third-party software unrelated to the stated purpose of disk-failure detection and SMART diagnostics. That mismatch is a strong indicator of deceptive or unauthorized behavior, and if triggered it can install arbitrary software on the host under the guise of the skill.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The code combines network retrieval with subsequent silent execution capability, a high-risk pattern because it creates a simple path from remote content to local code execution. In the context of a disk-health skill, these capabilities are not justified by the claimed purpose, which makes the behavior substantially more suspicious and dangerous.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The instructions tell users to download and run an installer, approve UAC, and launch an elevated executable without a clear up-front warning that this installs third-party software and makes admin-level system changes. This is dangerous because elevated installation and execution are high-risk actions that can be abused by compromised scripts, tampered download paths, or user misunderstanding of the scope of changes.

Missing User Warnings

High
Confidence
97% confidence
Finding
The script silently downloads software from external mirrors and performs an unattended installation with minimal disclosure about network transfer or system changes. This undermines user consent and transparency, and it can lead to unauthorized software installation or persistence without meaningful user review.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal