ClawHub

ubuntu pro auditor

Security checks across malware telemetry and agentic risk

Overview

This skill only performs simple local Ubuntu status checks, but it substantially overclaims enterprise security, compliance, and remediation capabilities.

Treat this as a basic local Ubuntu Pro and Livepatch status checker, not an enterprise compliance or remediation platform. Do not rely on it for CVE coverage, patch orchestration, SOC2/HIPAA/CIS evidence, fleet monitoring, alerts, or executive dashboards unless the publisher provides matching implementation and tests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill advertises and appears to invoke shell-capable behavior without declaring corresponding permissions, which weakens user visibility and platform enforcement around command execution. In a security-auditing skill, hidden or undeclared shell access is especially risky because users may trust it to inspect sensitive system state, and shell execution can be expanded to run broader local commands than expected.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill description materially overstates its capabilities, claiming enterprise-grade CVE correlation, remediation orchestration, and compliance automation while apparently only performing basic local Ubuntu Pro and Livepatch checks. This mismatch is dangerous because operators may make security decisions based on a false sense of coverage, leaving vulnerabilities unassessed or unremediated in environments that may be high-value or regulated.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal