ClawHub

Leetify

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: query Leetify for CS2 stats and optionally parse demos, with local storage used for player mappings and cached match logs.

Install only if you are comfortable providing a Leetify API key, installing the Python dependencies, downloading/parsing CS2 demo files, and keeping local player mappings and cached logs. On shared systems, save only identifiers you need and delete stored mappings or cached match logs when they are no longer useful.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises and instructs use of capabilities including environment variable access, shell execution, network access, and local file read/write, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host or reviewer may treat the skill as lower risk than it really is, while the documented workflow can download external data, parse files, and persist local state.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
This file implements persistent local identity mapping and management functionality that is broader than the stated skill purpose of querying Leetify stats and demo analysis. Scope expansion is risky because it introduces unnecessary data handling and storage behavior, increasing the chance of privacy issues, unauthorized enumeration, or later misuse of retained identity mappings.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The code stores Telegram-linked identity data, including username, optional display name, and optional telegram_id, in a local JSON file and supports bulk enumeration via list_all(). For a skill whose declared purpose is Leetify stats and gameplay analysis, collecting and retaining cross-platform identity mappings is unnecessary and creates a privacy and data-minimization problem if the file is exposed or abused.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal