ClawHub

Salesforce

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Salesforce integration, but users should be careful because it can change or delete live Salesforce records and schema when granted enough Salesforce permissions.

Before installing, confirm that you trust ClawLink to broker Salesforce OAuth and connect only a Salesforce account with permissions appropriate for the work. Use extra caution with deletes, bulk operations, file access, and custom field/object creation, and require a clear preview plus explicit approval before any write action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is presented as a CRM record-management integration, but it also exposes administrative capabilities that can modify Salesforce schema by creating custom fields and custom objects. This scope expansion increases risk because an agent or user may invoke organization-wide metadata changes that are more privileged and impactful than ordinary record CRUD, potentially causing governance, compatibility, or compliance issues.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The documentation states that all write operations require explicit user confirmation, but the quick-start and example commands show direct execution of write tools without any preview or confirmation workflow. This inconsistency can train agents or operators to bypass safety checks and perform unintended creates, updates, or deletes in a live Salesforce org.

VirusTotal

47/47 vendors flagged this skill as clean.

View on VirusTotal