Query Payful Account

Security checks across malware telemetry and agentic risk

Overview

This skill is for checking a Payful balance, but it uses full Payful browser-session cookies and can send them to a user-supplied API URL.

Install only if you are comfortable giving the local agent environment full Payful session-cookie access. Avoid using --api-url unless you have verified it is an official Payful HTTPS endpoint, and prefer scoped read-only credentials if Payful offers them. Treat the token and user ID like account passwords and rotate or invalidate them if exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill requires sensitive credentials from environment variables and performs outbound network access, yet no explicit permissions are declared. This creates a governance and review gap: operators may not realize the skill can read high-value secrets and transmit authenticated requests to an external service. In this context, the undeclared capabilities are especially risky because the credentials are browser-session cookies that grant full account access.

Excessive Permissions

Low
Category
Privilege Escalation
Content
This skill queries Payful account information via the Payful API.

> **Security notice**: `PAYFUL_TOKEN` and `PAYFUL_USER_ID` are sensitive browser session cookies extracted from global.payful.com. They grant full access to your Payful account. Only set these values in a trusted environment and never share them.

## Prerequisites
Confidence
89% confidence
Finding
grant full access

VirusTotal

66/66 vendors flagged this skill as clean.
