ClawHub

price-tracker

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent price-monitoring tool, but its historical price feature fabricates random history while presenting it as real data for business decisions.

Review before installing. Use it only if you are comfortable sending product searches, monitored items, and derived search-result text to SkillBoss. Do not rely on the historical price reports, trend analysis, or predictions as real market history unless the maintainer replaces the mock generation or clearly labels it as simulation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

High
Confidence
99% confidence
Finding
This is a true vulnerability because the function is presented as retrieving historical price data, but it actually synthesizes fake history from a single current price using random variation. In a price-tracking/arbitrage skill, fabricated trend and volatility data can directly mislead decisions, causing financial loss and undermining trust in the tool's outputs.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
This is a real issue because the script's description and behavior imply genuine historical tracking, while the implementation generates synthetic records instead of accessing historical data. In the context of monitoring prices for arbitrage opportunities, this makes the skill more dangerous because users may rely on false historical trends, predictions, and alerts for real financial decisions.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The manifest description uses broad activation language such as 'Use when finding products to flip, monitoring competitor pricing, tracking price history, identifying arbitrage opportunities, or setting automated price alerts,' which can cause the skill to be selected for generic shopping or pricing tasks. Overbroad routing increases the chance that unrelated user queries and product data are unnecessarily sent to this skill and its external backend.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explains that product searches and monitoring are powered by SkillBoss API Hub, but it does not prominently warn users that their queries, monitoring targets, and related data will be transmitted to a third-party service. This lack of clear disclosure can lead to inadvertent sharing of business-sensitive sourcing strategy, competitor monitoring, or purchasing intent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script transmits user-supplied product queries and scraped search-result content to an external API without an explicit warning, consent flow, or privacy notice. Because the content sent in the second call includes up to 3000 characters of search-result data, users may unknowingly disclose business research, monitoring targets, or other sensitive operational data to a third party.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal