OT Security Posture Scorecard

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it sends sensitive OT/ICS security details and an API key to a third-party service, with weak user warnings and a questionable TLS practice (certificate verification disabled via curl -k).

Review before installing. Use this only if your organization approves sending OT/ICS/SCADA security posture details to ToolWeb; minimize or anonymize organization names, plant details, known gaps, and threat concerns where possible. Protect the TOOLWEB_API_KEY, and avoid running scripts/test-api.sh unless the curl -k option is removed or a proper trusted certificate setup is used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill instructs the agent to invoke `curl`, which is a shell capability, but it does not declare any permissions for that execution path. This creates a transparency and governance gap: the skill can perform command execution and network egress without an explicit permission model, making review and policy enforcement harder.

Missing User Warnings

Medium
Confidence: 94%
Finding
The README explicitly says the agent will gather OT environment details and send them to an external Security API, but it does not warn users about the sensitivity of OT/ICS/SCADA data, third-party processing, retention, or jurisdiction/privacy implications. In critical infrastructure contexts, architecture details, control gaps, and asset information can materially increase operational and security risk if disclosed to an external service without informed consent and data minimization.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill sends sensitive organizational and OT/ICS security posture data to a third-party API, including maturity scores, known gaps, technologies, and threat concerns, without an explicit user-facing warning or consent step. In this context, that data is highly sensitive because it can reveal defensive weaknesses and critical-infrastructure exposure that would be valuable to an attacker or risky from a compliance perspective.

External Transmission

Medium
Category: Data Exfiltration
Content
      env:
        - TOOLWEB_API_KEY
      bins:
        - curl
    primaryEnv: TOOLWEB_API_KEY
    os:
      - linux
Confidence: 94%
Finding
        - curl
    primaryEnv: TOOLWEB_API_KEY
    os:
      - linux
      - darwin
      - win32
category: security
---
# OT Security Posture Scorecard 🏭🔒
Assess the security posture of Operational Techn

External Transmission

Medium
Category: Data Exfiltration
Content
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

RESPONSE=$(curl -sk -w "\n%{http_code}" -X POST "$API_URL" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $TOOLWEB_API_KEY" \
  -d '{
Confidence: 94%
Finding
curl -sk -w "\n%{http_code}" -X POST "$API_URL" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $TOOLWEB_API_KEY" \
  -d

VirusTotal

66/66 vendors flagged this skill as clean.