ClawHub

massbloger

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate WordPress automation connector, but it gives a hosted service broad, persistent control over live WordPress sites.

Install only if you trust Massblogger with the connected WordPress sites. Use dedicated least-privilege WordPress accounts where possible, enable publish guard for sites that should not publish automatically, require dry runs before bulk or cross-site operations, review generated content before publication, and rotate or revoke both the MCP token and WordPress Application Passwords when access is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Session Persistence

Medium
Category
Rogue Agent
Content
## Overview

- **What it does:** Connects OpenClaw to the Massblogger MCP server, giving the agent full read/write access to WordPress (posts, pages, categories, tags, media, menus, users, settings, comments, plugins, themes, revisions, scheduling) plus Massblogger's native content generation, pSEO, automation, and media pipelines.
- **When to use it:** When you want an AI agent to manage one or more WordPress sites — writing, editing, publishing, restructuring, bulk operations, cross-site changes — without you copying HTML or switching tabs.
- **Requirements:** A Massblogger account at massblogger.com, at least one WordPress site connected in Massblogger (with Application Password stored), and an MCP token generated from Massblogger settings.
Confidence
88% confidence
Finding
write access to WordPress (posts, pages, categories, tags, media, menus, users, settings, comments, plugins, themes, revisions, scheduling) plus Massblogger's native content generation, pSEO, automati

Session Persistence

Medium
Category
Rogue Agent
Content
```

```text
Write a 1500-word article about the best lightweight camping stoves for myblog.com, publish it as a draft, generate a featured image, and set the Yoast meta description
```

```text
Confidence
80% confidence
Finding
Write a 1500-word article about the best lightweight camping stoves for myblog.com, publish it as a draft, generate a featured image, and set the Yoast meta description ``` ```text List the last 20 p

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal