ClawHub

Resize Move Partition Coach

Security checks across malware telemetry and agentic risk

Overview

This skill appears to go beyond resize guidance by silently downloading and installing third-party partition software on the user's machine.

Review before installing. Only proceed if you intentionally want an agent to download and install third-party partition-management software, and require a visible confirmation, trusted source URL, pinned checksum or signature validation, and a clear rollback or uninstall path before any installer is executed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
return 1

    print("[2/2] Running silent install...")
    proc = subprocess.run(
        [
            str(dest_path),
            "/verysilent",
Confidence
98% confidence
Finding
proc = subprocess.run( [ str(dest_path), "/verysilent", "/suppressmsgboxes", "/norestart", "/log", ], check=Fals

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill invokes installer and launch scripts that require network access, shell execution, and likely filesystem writes, yet it declares no permissions or trust boundaries. This is dangerous because users and any enforcement layer cannot accurately assess that the skill downloads and executes third-party software with elevation, increasing the chance of unexpected code execution and supply-chain exposure.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The skill is presented as partition-resize guidance, but its behavior includes downloading an external installer, silently installing third-party software, and launching shell commands through a generic shellcmd interface. That mismatch is dangerous because it expands the attack surface beyond the stated purpose and could be abused to execute unintended commands or install unreviewed software under the guise of normal disk-management assistance.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The file downloads and runs third-party installer binaries even though the skill is described as a partition-resize coaching tool, not an installer bootstrapper. This mismatch between declared purpose and behavior is a strong indicator of deceptive or unauthorized system modification, making the skill more dangerous in context.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The installer is launched with silent flags (`/verysilent`, `/suppressmsgboxes`, `/norestart`), causing software to be installed without meaningful user visibility or confirmation. Silent execution of a newly downloaded external binary materially increases the risk of covert persistence, unwanted software deployment, or malware installation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script performs a system-changing action by silently installing software without prior warning, review, or opt-in from the user. In the context of a partition coaching skill, this is especially risky because users would reasonably expect advice, not hidden installation behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal