Mobb Vulnerabilities Fixer

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly coherent for Mobb-based vulnerability remediation, but its monitoring check can trigger scans and automatic code changes when auto-fix is enabled without a fresh confirmation step.

Install only if you intentionally use Mobb for repository vulnerability remediation. Start only a trusted Mobb MCP server, use a scoped API key, confirm the repository path before scans, and disable or avoid auto-fix unless you are prepared to review local diffs and recover unwanted changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The documentation presents `check_for_new_available_fixes` as a check operation, but also states that fixes may be applied automatically if auto-fix is enabled. That creates a dangerous mismatch between user expectations and tool behavior: a seemingly read-only/status action can mutate repository files, which can lead to unintended code changes, loss of work, or unauthorized modifications in sensitive repositories.

Vague Triggers

Medium
Confidence: 94%
Finding
The skill description includes broad trigger phrases such as 'scan this repo', 'fix security issues', and 'run a security check', which are common user requests and may cause the skill to be invoked in situations the user did not specifically intend for Mobb-based scanning or patching. Because this skill can initiate repository analysis and potentially lead toward code changes, over-broad invocation increases the risk of unintended security-sensitive actions.

Missing User Warnings

Medium
Confidence: 91%
Finding
The monitoring workflow states that if auto-fix is enabled, fixes may be applied automatically, but this capability is only disclosed deep in the workflow and not clearly surfaced as a primary warning in the skill description or invocation contract. In a security-sensitive repository workflow, automatic modification of code without a prominent upfront warning can surprise users and lead to unintended source changes, broken builds, or unsafe commits.

Missing User Warnings

Medium
Confidence: 97%
Finding
Automatic fix application is described without a clear warning that local files may be modified during the check. In an agent skill context, this is especially risky because users may invoke a routine status check expecting passive behavior, while the tool could alter source code and potentially introduce unwanted changes into the working tree or CI workflow.

VirusTotal

64/64 vendors flagged this skill as clean.
