ClawHub

Mongo Db Client Tool

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed MongoDB helper that can read, write, and persist database records, so it is appropriate only with deliberately scoped database access.

Install only if you intend agents to access MongoDB. Use a dedicated least-privilege MongoDB user, restrict it to the intended database and collections, avoid storing secrets or regulated data without a retention plan, and require explicit review for bulk updates, upserts, schema/index changes, deletes, and collection drops.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill documents use of environment variables for MongoDB credentials and runtime behavior, but the metadata does not declare corresponding permissions or capability requirements. This creates a transparency and policy-enforcement gap: an agent may access sensitive connection data or connect to external infrastructure without clear review boundaries.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger guidance is broad enough to match routine requests like saving or retrieving data, which can cause the skill to activate in contexts where persistent storage was not explicitly intended. In a database skill with full CRUD support, overbroad invocation increases the chance of unnecessary data retention, accidental writes, or access to sensitive stored records.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises broad CRUD and aggregation capabilities over potentially sensitive financial and watchlist data, but it does not include safety guidance on privacy, credential handling, retention, or consequences of modifying persistent state. That omission makes misuse more likely and lowers operator awareness around handling secrets and regulated or sensitive records.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal