Split Drive Coach

Security checks across malware telemetry and agentic risk

Overview

This is a real partition-management helper, but it installs and launches powerful disk software in ways that need careful review before use.

Review this skill before installing. Only use it if you trust the EaseUS download source, are comfortable granting administrator rights to disk-management software, and have a current backup. Do not let an agent choose partition commands automatically; verify the target disk, command, and any EaseUS preview before applying changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
Findings (10)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
        return 1

    print("[2/2] Running silent install...")
    proc = subprocess.run(
        [
            str(dest_path),
            "/verysilent",
Confidence
97% confidence
Finding
proc = subprocess.run( [ str(dest_path), "/verysilent", "/suppressmsgboxes", "/norestart", "/log", ], check=Fals
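
The check that produces a finding like this one is a behavioral AST pass over the skill's scripts. The following is an added example of such a pass, written for this page; it is not SkillSpector's code and not the skill's. It parses Python source, flags subprocess calls whose argument list carries silent-installer switches, network download calls, and exec()/eval(), and runs over a constructed sample script shaped like the snippet quoted above (the sample is not the skill's real source).

```python
import ast

# Installer switches that suppress the UI and any prompts (Inno Setup / MSI style).
SILENT_SWITCHES = {"/verysilent", "/silent", "/suppressmsgboxes", "/quiet", "/qn", "/s"}
# Tail names of common download calls: urllib.request.urlopen/urlretrieve, requests.get.
DOWNLOAD_CALLS = {"urlopen", "urlretrieve", "get"}


def _dotted_name(node):
    """Return 'pkg.attr.attr' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _string_literals(node):
    """Every string literal nested anywhere under node (argument lists included)."""
    return [sub.value for sub in ast.walk(node)
            if isinstance(sub, ast.Constant) and isinstance(sub.value, str)]


def scan_source(source):
    """Return (line, rule, detail) tuples for one Python source, ordered by line."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func) or ""
        if name.startswith("subprocess.") or name in ("os.system", "os.popen"):
            switches = sorted({s for s in _string_literals(node) if s.lower() in SILENT_SWITCHES})
            if switches:
                findings.append((node.lineno, "silent-install", name + " " + " ".join(switches)))
            else:
                findings.append((node.lineno, "subprocess-call", name))
        elif name.startswith(("urllib.", "requests.")) and name.rsplit(".", 1)[-1] in DOWNLOAD_CALLS:
            findings.append((node.lineno, "remote-download", name))
        elif name in ("exec", "eval"):
            findings.append((node.lineno, "dynamic-exec", name))
    return sorted(findings)


# Constructed sample in the shape the finding above quotes; not the skill's real source.
SAMPLE_SKILL_SCRIPT = '''\
import subprocess
import urllib.request

def install(dest_path, url):
    urllib.request.urlretrieve(url, dest_path)
    print("[2/2] Running silent install...")
    proc = subprocess.run(
        [str(dest_path), "/verysilent", "/suppressmsgboxes", "/norestart", "/log"],
        check=False,
    )
    return proc.returncode
'''

if __name__ == "__main__":
    for line, rule, detail in scan_source(SAMPLE_SKILL_SCRIPT):
        print(f"line {line}: {rule}: {detail}")
```

On the sample, the pass reports the urlretrieve download on line 5 and the silent install on line 7; a subprocess call without silent switches is still reported, at lower weight, as a plain subprocess call, which is the distinction behind the Medium severity above.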

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs the user to run scripts that download software, write temporary files, and invoke external binaries with elevated privileges, yet it declares no permissions or safety boundaries. This creates a trust and transparency gap: users and any hosting platform are not clearly informed that the skill performs network, file-write, and shell-execution actions on the local system.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The skill presents itself as a partition-splitting workflow, but the actual behavior is to install and launch a third-party partition manager and pass user-controlled values into its command interface. That mismatch is dangerous because it obscures materially risky actions—downloading remote binaries, triggering UAC/elevated execution, and invoking an external application that can perform destructive disk operations—making misuse or social-engineering more likely.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
This wrapper accepts an arbitrary first argument and maps it directly to shellcmd for EPMUI.exe, while also writing arbitrary remaining input to a temp file passed as shellparam. In a skill advertised as safely splitting large partitions, this creates a generic privileged command surface for EaseUS operations well beyond the declared scope, enabling destructive disk actions or other unintended product capabilities if an attacker controls inputs.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The implementation is a generic launcher for EaseUS command modes rather than a dedicated workflow that enforces safe partition-splitting behavior. Because the code does not encode business logic, guardrails, or operation-specific constraints, users of the skill may assume the tool is narrowly safe when it actually exposes broader disk-management functionality that could damage systems or data.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
This file downloads and runs a third-party installer even though the skill is presented as partition-splitting assistance. That mismatch is a major red flag because it hides high-risk system-modifying behavior behind an unrelated description, increasing the likelihood of deceptive or unwanted software deployment.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The code contacts external servers to download an executable, despite the stated purpose not requiring remote software retrieval. This expands the attack surface through network dependency, supply-chain risk, and unreviewed binary acquisition, all without clear justification in context.

Context-Inappropriate Capability

Critical
Confidence
100% confidence
Finding
The script silently executes the downloaded installer with the /verysilent and /suppressmsgboxes flags, giving the user no meaningful opportunity to review or decline the action. In a skill about partition management guidance, covert execution of a remote binary is highly dangerous and can lead to unauthorized software installation or full system compromise.

Missing User Warnings

High
Confidence
99% confidence
Finding
Running a downloaded installer silently without confirmation bypasses user awareness and normal trust checks, enabling unwanted software installation and reducing opportunities to detect abuse. The surrounding skill context makes this more dangerous because users would not reasonably expect hidden installation behavior from partition-layout coaching.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The script appends a user-controlled dest parameter to outbound download URLs without clearly disclosing that data is being transmitted to a third party. While not the most severe issue here, it introduces unnecessary data sharing and potential tracking behavior that is unrelated to the stated partition-splitting purpose.
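
The three High and Critical findings above (arbitrary first argument mapped to shellcmd, silent execution of an unverified download, and a caller-controlled dest appended to the download URL) share one fix: put a gate between the caller and every privileged action. The following is an added example of such a gate, written for this page; it is not the skill's code and not EaseUS's. It allowlists the single operation the skill claims to perform, requires the target disk to come from the operator's own inventory and an explicit confirmation, pins the installer to a SHA-256 digest and adds the silent switches only with explicit consent, and uses the download URL as-is. The shellcmd=/shellparam= spelling, the sample installer bytes and the disk inventory are assumptions constructed for illustration; EPMUI.exe's real command grammar is not documented in the report.

```python
import hashlib
from dataclasses import dataclass

ALLOWED_OPERATIONS = {"split"}                           # the only action the skill claims to perform
SILENT_SWITCHES = ("/verysilent", "/suppressmsgboxes")  # the switches the report quotes


class LaunchRefused(ValueError):
    """Raised instead of running anything when a gate is not satisfied."""


def verify_installer(data, expected_sha256):
    """True only when the downloaded bytes match the digest pinned in the skill."""
    return hashlib.sha256(data).hexdigest() == expected_sha256.lower()


def build_download_url(base_url):
    """Use the pinned URL as-is; a caller-controlled dest must never ride along as a query parameter."""
    if "?" in base_url or "#" in base_url:
        raise LaunchRefused("download URL must not carry query parameters")
    return base_url


def build_install_command(installer_path, data, expected_sha256, silent_consented=False):
    """Installer argv: refuse on digest mismatch; add silent switches only with explicit operator consent."""
    if not verify_installer(data, expected_sha256):
        raise LaunchRefused("installer digest mismatch; not executing")
    argv = [installer_path, "/norestart"]
    if silent_consented:
        argv.extend(SILENT_SWITCHES)
    return argv


@dataclass(frozen=True)
class SplitRequest:
    disk_id: str      # identifier from the operator's own disk inventory, never free text
    operation: str
    size_mb: int


def build_partition_command(req, known_disks, confirmed=False):
    """Map a request onto EPMUI arguments only if it is allowlisted, targets a known disk and was confirmed.

    The shellcmd=/shellparam= spelling below is an assumption for illustration; EPMUI.exe's
    real command grammar is not documented in the report.
    """
    if req.operation not in ALLOWED_OPERATIONS:
        raise LaunchRefused(f"operation {req.operation!r} is outside the skill's declared scope")
    if req.disk_id not in known_disks:
        raise LaunchRefused(f"unknown target disk {req.disk_id!r}")
    if not 0 < req.size_mb < known_disks[req.disk_id]:
        raise LaunchRefused("split size must be positive and smaller than the target disk")
    if not confirmed:
        raise LaunchRefused("operator confirmation required before any disk-modifying command")
    return ["EPMUI.exe", f"shellcmd={req.operation}",
            f"shellparam=disk={req.disk_id};size_mb={req.size_mb}"]


def refused(fn, *args, **kwargs):
    """True when fn raises LaunchRefused; lets a caller probe a gate without running anything."""
    try:
        fn(*args, **kwargs)
    except LaunchRefused:
        return True
    return False


# Constructed fixtures: fake installer bytes with their pinned digest, and a two-disk inventory (sizes in MB).
SAMPLE_INSTALLER = b"constructed installer bytes, not a real EaseUS binary"
SAMPLE_SHA256 = hashlib.sha256(SAMPLE_INSTALLER).hexdigest()
KNOWN_DISKS = {"disk0": 476_000, "disk1": 1_907_000}

if __name__ == "__main__":
    print(build_install_command("EaseUS_setup.exe", SAMPLE_INSTALLER, SAMPLE_SHA256))
    print(build_partition_command(SplitRequest("disk1", "split", 500_000), KNOWN_DISKS, confirmed=True))
    print(refused(build_partition_command, SplitRequest("disk1", "delete", 1), KNOWN_DISKS, confirmed=True))
```

The functions only build argument lists; actually running them belongs behind the same confirmation the overview asks for, so an agent cannot turn a confirmation prompt into a no-op by calling the launcher directly. A real deployment would take the pinned digest from the skill's manifest rather than computing it from the downloaded bytes as the fixture does here.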

VirusTotal

66/66 vendors reported this skill as clean; no vendor flagged it.