ClawHub

X Search

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it searches X/Twitter through xAI using a user-provided API key.

Install this only if you are comfortable providing an xAI API key and sending your search queries to xAI. Use a dedicated key if possible, avoid committing it to source control or shared config, monitor quota or costs, and treat returned X content as untrusted information to verify through citations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill requires environment-variable access and makes outbound API calls, but the manifest does not explicitly declare permissions. That creates a transparency and policy-enforcement gap: a host may under-warn users or fail to properly gate sensitive capabilities such as credential access and network egress. In this context the behavior is expected for the skill’s purpose, but the missing declaration still weakens security review and consent.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The setup instructions tell users to place an API key in an environment variable or config without any warning that the credential is sensitive. This can normalize unsafe handling, increasing the chance users paste secrets into logs, screenshots, shell history, shared config files, or less-protected environments. The context is less severe because API-key setup is necessary, but the lack of guidance still creates avoidable credential-exposure risk.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal