dropspace

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a disclosed Dropspace social-publishing API guide, but it also includes broad admin, webhook, post-deletion, and attribution-data capabilities that users should review carefully before installing.

Install only if you trust Dropspace and intend to let an agent work with your Dropspace account. Use a separate least-privilege key, preferably read/write/generate for drafting; add publish, delete, or admin only when you explicitly need those actions. Review any command that publishes, deletes posts, manages API keys, creates webhooks, uses payment headers, or queries Supabase/profile attribution data before allowing it to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium, 95% confidence
Finding
The skill is presented as a social-media publishing integration, but it also exposes API key management and webhook administration capabilities that materially expand the privilege boundary. In an agent setting, this scope creep can let the tool create/revoke credentials or establish outbound webhook channels unrelated to the user’s immediate posting task, enabling persistence, data exfiltration, or account takeover paths if invoked unsafely.

Context-Inappropriate Capability

Medium, 91% confidence
Finding
The first-touch attribution and direct Supabase profile-query guidance introduces access to user/referrer analytics data that is not necessary for basic social-media publishing. That broadens the accessible data surface to potentially sensitive marketing and profile metadata, creating unnecessary privacy and data-minimization risk in an agent workflow.

Vague Triggers

Medium, 88% confidence
Finding
The trigger phrase includes broad language such as handling 'anything Dropspace-related,' which can cause the skill to activate for loosely related requests beyond safe social posting tasks. Over-broad routing increases the chance an agent invokes powerful write, publish, delete, or admin-adjacent operations when a narrower tool should have been selected or when no external action was warranted.

Missing User Warnings

Medium, 93% confidence
Finding
The skill documents deletion of published social posts without an explicit warning or confirmation requirement despite affecting live public content. In an autonomous or semi-autonomous agent context, this raises the risk of irreversible brand-impacting actions from ambiguous prompts or tool misuse.

VirusTotal

VirusTotal findings are pending for this skill version.
