Ubuntu Encyclopedia

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Ubuntu documentation helper that fetches official Ubuntu pages and stores local workspace notes/cache for troubleshooting.

Install only if you are comfortable with the agent making Ubuntu documentation network requests and writing a .Ubuntu-Encyclopedia cache/notes tree in the workspace. Review any proposed live admin commands before execution, especially upgrades, package repair, networking, storage, boot, or service/security changes, and keep the notes free of secrets or stale access details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 88%
Finding:
The skill explicitly instructs the agent to fetch remote Ubuntu documentation and write cached content and notes into the workspace, but no permissions are declared. That creates an authority/visibility gap: users and enforcement layers may not realize the skill can perform network access and persistent file writes, which can lead to unintended data persistence or outbound requests during use.

Tp4 (High)

Category: MCP Tool Poisoning
Confidence: 82%
Finding:
The description frames the skill as a documentation-first answering workflow, but the body also authorizes creating directories, fetching remote content, and storing normalized copies locally. This mismatch can cause users to invoke what appears to be a read-oriented knowledge skill while it actually performs state-changing operations, increasing the chance of unexpected network activity and filesystem modification.

VirusTotal

66/66 vendors flagged this skill as clean.
