my-test-skill

Security checks across malware telemetry and agentic risk

Overview

This security-scanner skill is mostly purpose-aligned, but it sends matched code evidence to a third-party cloud service by default while understating the privacy impact.

Install only if you trust this publisher and are comfortable with scan evidence being sent to as.dun.163.com by default. For private, regulated, or proprietary code, set YIDUN_SKILL_SEC_CLOUD=false before scanning, and verify the identity mismatch between my-test-skill metadata and yidun-skill-sec artifacts before relying on its security verdicts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The documentation claims only non-sensitive metadata is uploaded and explicitly says sensitive data is not sent, but later sections state that matched source lines, URLs, commands, install URLs, credential-access expressions, and file paths are transmitted to a third-party cloud service. This is a real security/privacy issue because users may consent under misleading assumptions and sensitive business logic or secrets-adjacent context can leak through snippets and metadata.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill enables cloud upload by default and sends extracted evidence artifacts to a third party, but the high-level description does not clearly warn users before use that portions of source lines and package metadata may leave the local environment. In a security-scanning skill, this context makes the issue more serious because scanned code may contain proprietary logic, internal URLs, credentials-adjacent references, or regulated data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal