ClawHub

PrepSPSC PYQ API

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only exam-prep API integration with disclosed external API calls, though users should understand that optional progress and bookmark features store study activity with PrepSPSC.

Install only if you are comfortable using PrepSPSC’s external API. Keep the API key private, avoid using personally identifying user IDs or sensitive bookmark notes, and use progress, analytics, bookmarks, or leaderboard features only when you are comfortable having that study activity stored by the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill manifest presents the capability as exam preparation and PYQ/mock-test help, but the documentation also includes persistent user progress tracking, analytics, bookmarks, and leaderboard features. This creates a scope-transparency gap: users or orchestrators may invoke the skill without realizing it can collect and transmit longitudinal study behavior and identifiers to an external service.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger set contains broad phrases like 'exam preparation', 'mock test', and 'government job exam', which can cause the skill to activate outside its narrow SPSC/PYQ use case. Over-broad activation increases the chance of unnecessary external calls, data disclosure to a third-party service, or incorrect routing of user requests to a domain-specific provider.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill describes sending user-linked study activity such as external_user_id, answers, correctness, and time spent to an external API, but does not clearly warn users that identifiable learning telemetry will be transmitted and stored. This is a privacy vulnerability because users may unknowingly disclose behavioral and account-linked data to a third party.

External Transmission

Medium
Category
Data Exfiltration
Content
**Add bookmark:**
```bash
curl -X POST "https://qqqditxzghqzodvauxth.supabase.co/functions/v1/pyq-api/bookmarks" \
  -H "Authorization: Bearer $PREPSPSC_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"external_user_id": "user123", "question_id": "uuid-here", "note": "Review later"}'
Confidence
90% confidence
Finding
curl -X POST "https://qqqditxzghqzodvauxth.supabase.co/functions/v1/pyq-api/bookmarks" \ -H "Authorization: Bearer $PREPSPSC_API_KEY" \ -H "Content-Type: application/json" \ -d '{"external_user_

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal