TencentCloud Websocket Checker

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed WebSocket latency diagnostic skill with expected network probing and optional dependency installation, but users should review privileged setup steps before running them.

Install only if you need WebSocket connection timing diagnostics. Review any script before running it with sudo, avoid the macOS remote Homebrew installer path unless you trust it, test only endpoints you control or are authorized to probe, and treat cron examples as persistent monitoring that must be removed when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises and relies on shell scripts, dependency installation, and execution flows, but the skill definition does not declare corresponding permissions or operational boundaries. This creates a governance gap: an agent may invoke shell-capable behavior without explicit user or platform approval, increasing the chance of unintended command execution or system modification.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
On macOS, the script downloads and executes a remote Homebrew installer via curl | bash, which is a classic supply-chain and arbitrary code execution risk. Because this script is intended to be run by users specifically to install dependencies, the behavior materially expands trust to a third-party network resource and executes whatever content is served at runtime.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger description is overly broad, stating the skill should activate even for loosely related topics such as general WebSocket slowness or Tencent TTS latency. Overbroad activation can cause the agent to select a shell-executing diagnostic skill in contexts where the user did not request command execution, expanding exposure to network actions and local script runs.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation includes system-modifying and persistent-write behaviors, such as running an installation script with sudo and appending diagnostic output to log files from cron, without prominently warning that these actions change the host. In an agent setting, insufficient disclosure can lead to unexpected privilege use, package installation, and filesystem writes on behalf of the user.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly tells users to run an automated installer with sudo, which normalizes privileged execution of an unreviewed script. Even though the README itself is documentation, this is a real security issue because it can lead users to make system-wide changes or execute harmful installer logic as root without any warning, review guidance, or scope description.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The script performs DNS resolution and HTTP/HTTPS requests to arbitrary user-supplied WebSocket endpoints using dig and curl, which can trigger outbound connections to internal services, sensitive hosts, or attacker-controlled infrastructure. In an agent/skill context, this creates an SSRF-style network interaction and privacy risk because simply invoking the skill causes active probing of targets without an explicit safety warning, allowlist, or restriction.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```bash
# Verify the SSL certificate
openssl s_client -connect your-domain.com:443 -servername your-domain.com

# If the certificate has a problem, curl -k can be used temporarily (not recommended for production use)
curl -k -I https://your-domain.com/
```
Confidence
88% confidence
Finding
curl -k (not recommended for production use) curl -k

VirusTotal

64/64 vendors flagged this skill as clean.
