ClawHub

ZenTao Analytics

Security checks across malware telemetry and agentic risk

Overview

This ZenTao analytics skill is conceptually legitimate, but it advertises live employee/task analytics while the included analyzer currently uses hard-coded sample data.

Review before installing or using for real management decisions. Use only a dedicated read-only ZenTao token or database account, treat generated reports as sensitive personnel data, and do not rely on the current analyzer for employee evaluation until it clearly distinguishes demo data from live ZenTao data or implements real data retrieval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documents use of environment variables and network/API access, but no explicit permission declaration is present. In an agent skill system, this creates a transparency and policy-enforcement gap: a caller may invoke a skill that can access secrets or external services without clear consent boundaries.

Tp4

High
Category
MCP Tool Poisoning
Confidence
79% confidence
Finding
The documented behavior does not cleanly match the described purpose: it claims live ZenTao API/database analytics, yet the finding indicates simulated data use and an additional export/conversion path. Behavior mismatches are dangerous because reviewers and users may grant trust or permissions based on the stated purpose while the skill performs materially different data handling operations, including file transformation/export that can widen data exposure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script writes per-employee productivity and workload metrics to disk in JSON/CSV form without any consent prompt, sensitivity warning, access control, or redaction. In the context of a team performance analytics skill, these outputs can contain personnel evaluation data that may be retained, copied, or exposed through weak filesystem permissions or accidental sharing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal