ClawHub

fail2ban Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it reports fail2ban-banned IPs to AbuseIPDB, but installing auto-reporting gives it persistent privileged access to fail2ban configuration.

Install only on a server where you intentionally want fail2ban bans reported to AbuseIPDB under your API key. Review the scripts before running sudo install, confirm third-party sharing of banned IPs and comments is acceptable for your environment, and do not depend on Telegram alerts unless an implementation is added.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises and invokes shell scripts but does not declare corresponding permissions, which prevents users and reviewers from understanding its execution capabilities upfront. In this context, the shell access is significant because the skill installs system-level fail2ban actions and runs local scripts that can alter host configuration and transmit data externally.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
The documented behavior does not fully match the skill's actual capabilities: it can perform additional IP lookups, show local/reporting stats, and install or remove fail2ban configuration, while also claiming Telegram notification support that appears absent. This mismatch is dangerous because users may authorize or run the skill under incomplete assumptions, leading to unexpected system changes, data sharing, or false reliance on missing alerting functionality.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README promotes automatic reporting of banned IPs to AbuseIPDB but does not clearly warn users that IP addresses, timestamps, and attack metadata will be sent to a third party. In a security-monitoring skill, this kind of external data sharing is central to the feature, so the missing disclosure is a real privacy and compliance risk rather than a purely theoretical concern.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill omits a prominent warning that it sends banned IP information to AbuseIPDB and modifies fail2ban for automatic reporting. Even if the functionality is aligned with the skill's purpose, users need explicit notice and consent because the behavior affects system security configuration and shares operational security data with a third party.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal