ClawHub

EcoLink 批量碳足迹搜索

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly coherent for batch carbon-footprint lookup, but it sends user product data to an EcoLink server over unencrypted HTTP at a hard-coded IP address.

Review before installing if your batch files contain confidential product lists, formulations, suppliers, or procurement data. Use --no-llm to avoid LLM-provider sharing, but note that database searches still contact the EcoLink raw API over plain HTTP.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill describes capabilities to read user-supplied files, write result files, and make network requests, but it does not declare any permissions. Undeclared capabilities reduce transparency and bypass least-privilege review, making it harder for users or platforms to assess whether file access and outbound API calls are expected and constrained.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends user-provided product/material names to a third-party LLM endpoint and includes the user's API key in the Authorization header, but it does not provide an explicit runtime disclosure or consent checkpoint before transmitting potentially sensitive business data. In this skill context, batch uploads may contain proprietary product lists or formulations, so silent external transmission meaningfully increases privacy and confidentiality risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The raw search function sends user queries, translations, and alternate names to an external server at a hard-coded IP address over plain HTTP, with no transport encryption and no explicit user disclosure. This creates both confidentiality risk from undisclosed third-party sharing and network interception risk, especially because uploaded Excel batches may contain sensitive internal procurement or materials data.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal