ClawHub

麦当劳MCP服务集成,支持点餐、优惠券、麦麦商城、积分兑换等功能。

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says, but it can use a McDonald’s account token to place orders, change addresses, claim coupons, or redeem points without documented confirmation safeguards.

Install only if you are comfortable giving an agent access to a McDonald’s MCP token. Keep the token revocable and private, prefer read-only queries first, and require the agent to show exact order contents, address details, coupon action, or points cost before any action that changes the account or spends value.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to make outbound HTTP requests to https://mcp.mcd.cn using a bearer token, which is a real network capability, yet no permissions are declared. Undeclared network access is dangerous because it obscures the skill's true capabilities, reducing user visibility and policy enforcement around external data transmission and token use.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill advertises state-changing and transaction-like actions including adding delivery addresses, claiming coupons, creating delivery orders, and redeeming points, but it does not clearly warn users that these actions can modify account data or spend value-bearing assets. In this context, the omission is especially risky because the integration targets a real consumer account tied to identity, addresses, orders, coupons, and loyalty points, making accidental or unauthorized actions materially harmful.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal