pyscripts-org

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Python-script organization workflow with limited local file reading and documentation writes, and no evidence of hidden network, credential, persistence, or destructive behavior.

Install this only where you want the agent to manage local Python script documentation and possibly run or edit existing scripts. Review before allowing it to run unfamiliar scripts, and note that the included helper writes py_docs.md even though the skill text refers to pyscripts_docs.md.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill clearly instructs the agent to read and write repository files such as `pyscripts_docs.md`, `pyscripts_pitfall.md`, and Python scripts, yet it declares no permissions. This creates a governance gap: an agent may perform file I/O without explicit user awareness or policy review, increasing the risk of unintended modification of code or documentation.

Vague Triggers

Medium
Confidence: 83%
Finding
The trigger conditions are broad enough to activate on routine Python-script activity, including writing, modifying, or running scripts and handling errors. Overbroad activation can cause the agent to read code, modify files, update logs, or invoke maintenance workflows in contexts where the user did not intend this skill to run, increasing the chance of unnecessary code execution or file changes.

VirusTotal

65/65 vendors flagged this skill as clean.
