Back to skill

Security audit

Innovation Research

Security checks across malware telemetry and agentic risk

Overview

This is a paid research skill whose payment, network, credential, and local order-file behavior is disclosed and scoped to the payment flow.

Before installing, understand that this skill is paid: it creates a payment order, stores local order metadata, and sends a payment credential to a fixed service endpoint for verification. Do not proceed unless you trust the publisher and are comfortable using the referenced clawtip payment flow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The skill is presented primarily as a research and technical exploration tool, but it also requires payment processing, credential access, outbound network activity, and local file operations. This behavior mismatch is dangerous because users may authorize the skill expecting content generation, not realizing it can initiate commercial/payment flows and interact with local state and credentials, increasing the chance of over-privileged use or unintended data exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.