ClawHub

Subdomain Enum

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed subdomain enumeration tool whose network lookups and optional file use match its stated purpose.

Install only if you are comfortable running a local Python reconnaissance script. Use it only on domains you own or have permission to assess, remember that default runs contact crt.sh with the target domain, and use --no-crtsh for DNS-only operation when target privacy matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill advertises and instructs use of network access plus file read/write behavior, but the metadata shown does not declare any permissions. That mismatch undermines least-privilege controls and informed consent, allowing an agent platform or user to invoke reconnaissance and local file output capabilities without explicit declaration.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description authorizes use for broad 'reconnaissance' and attack-surface discovery on 'any domain,' which can enable unauthorized target enumeration. In an agent ecosystem, such broad invocation language lowers the barrier to misuse by encouraging offensive scanning outside clearly authorized ownership or assessment contexts.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends the user-supplied target domain to crt.sh, a third-party external service, without making that data disclosure explicit in the primary interface or requiring opt-in. In a security/reconnaissance tool, this can leak sensitive investigation targets, internal domains, or client assets to an outside party and create privacy, compliance, or operational exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal