ClawHub

Prowlarr

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Prowlarr API helper, with expected but potentially destructive management commands users should run carefully.

Install only if you are comfortable giving the skill a Prowlarr API key for the configured instance. Protect the local config file, verify indexer IDs before enable/disable/delete actions, and treat delete and sync as explicit approval-only commands because they can change Prowlarr and connected apps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to invoke shell scripts, but the manifest does not declare any corresponding permissions or capability boundaries. This creates a mismatch between what the skill can do and what reviewers or runtime policy may expect, increasing the risk of unintended command execution, overbroad access, or unsafe future changes being introduced without visibility.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill documents a direct deletion command for indexers without any warning, confirmation step, or guidance to verify the target before execution. In an agent setting, this increases the chance of accidental destructive actions from user ambiguity, prompt injection, or operator error, potentially removing configured indexers and disrupting downstream services like Sonarr or Radarr.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script exposes a destructive delete operation for indexers and executes it immediately with no confirmation, dry-run, or secondary validation. In an agent context, malformed user input, prompt injection, or an automation mistake could cause irreversible removal of indexers and disruption of downstream search/sync workflows.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal