ClawHub

Pathé Movie Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Pathé movie lookup helper with disclosed public API access and temporary poster handling for WhatsApp delivery.

Install if you want Pathé Netherlands movie and showtime lookup. Be aware it contacts Pathé public APIs and may temporarily save poster images under /tmp when sending posters through WhatsApp; keep that behavior limited to user-requested posters and clean up temporary files when practical.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill clearly instructs network access to Pathé APIs and reading a local config file, yet no corresponding permissions are declared. This creates a capability/permission mismatch that can bypass user and platform expectations about what the skill may access, reducing transparency and weakening policy enforcement.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill expands from simple API lookup into downloading remote media and storing it on local disk for later delivery. This introduces unnecessary file-write and content-staging behavior, increasing attack surface through disk usage, unsafe file handling, and potential abuse of fetched remote content.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
WhatsApp-specific local media staging is outside the core scope of a Pathé movie lookup skill and adds a cross-channel delivery capability not justified by the description. Scope creep like this is dangerous because it can enable unreviewed file handling and message-delivery behaviors beyond what users expect from a lookup skill.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The instructions direct the agent to write downloaded poster files locally without any user disclosure or consent. Undisclosed local file writes are risky because they can surprise users and operators, complicate auditing, and create opportunities for storage abuse or persistence of untrusted content.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal