ClawHub
Back to skill

Security audit

ip-risk-scanner

Security checks across malware telemetry and agentic risk

Overview

This skill performs IP checks, but it is framed as a Claude ban-risk and IP-selection aid with unsupported official claims, automatic external lookups, and local report saving.

Install only if you intentionally want a Claude-specific IP risk tool and understand its side effects. Treat the scores and “official Claude” wording as unsupported heuristics, not proof of compliance or account safety. Avoid using it on sensitive IPs unless you are comfortable sending them to third-party lookup services and having high-scoring reports written to a local Obsidian vault.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The referenced section gives concrete operational advice for lowering the chance of Claude account enforcement, including preferred IP types, request-rate shaping, and avoiding signals that trigger platform risk controls. In the context of an agent skill that automatically assesses IPs and saves 'safe' reports, this goes beyond neutral security education and materially enables ban-evasion and stealthy abuse of a third-party service.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The overall document is framed as IP risk assessment, but substantial content analyzes Claude ban behavior, identifies which IP sources are less likely to be flagged, and provides usage guidance tailored to avoiding enforcement. Because the skill is designed to score IPs and automatically preserve high-scoring ones, the documentation meaningfully repurposes the skill into an operational aid for evading platform controls rather than a general security reference.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The script explicitly claims its scoring is based on an official Claude IP review mechanism, but the implementation uses hardcoded heuristics plus third-party IP intelligence APIs. This can mislead users into trusting the output as authoritative and may drive risky operational decisions, especially because the tool recommends whether an IP is 'safe' for use and auto-saves high-scoring reports.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The comments and generated report present ISP and risk classifications as official Claude standards even though the code only performs simple local keyword matching against provider names. In this skill context, that misrepresentation is more dangerous because the purpose is to assess whether an IP is suitable for accessing Claude, so users may rely on inaccurate 'official' classifications to evade restrictions or manage account risk.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill says it auto-triggers whenever a user provides an IP address, which is broad enough to activate during ordinary discussion rather than an intentional security scan. Overbroad triggering can cause unrequested network queries, local file writes, or sensitive analysis on data the user did not intend to process.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are expansive and do not clearly require security-assessment intent, making accidental invocation likely. In this skill, accidental activation is more concerning because the workflow includes external lookups and possible report storage to disk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill states that qualifying reports are automatically saved to a local Obsidian vault, but it does not require explicit confirmation or provide a strong warning that user-supplied IP data will be written to disk. Automatic persistence of network-related data can expose private infrastructure details, create unexpected records, and violate user expectations around ephemeral analysis.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script transmits user-supplied IP addresses to third-party services (ip-api.com over plain HTTP and ipapi.co over HTTPS) without explicit user consent or a privacy notice. Queried IPs can be sensitive investigative targets or internal assets, and disclosure to external providers may leak operational interest, enrich third-party logs, or violate privacy/compliance requirements.

Ssd 4

Medium
Confidence
90% confidence
Finding
The skill is framed around identifying and preserving IPs least likely to trigger Claude enforcement, including guidance on 'safe' IP categories and retaining evidence for disputes. In context, this is not neutral network hygiene; it materially assists users in optimizing around platform risk controls and normalizes evasion-oriented operational advice.

Ssd 2

Medium
Confidence
91% confidence
Finding
The file uses platform-specific scoring and recommendations to help select IPs that are less likely to cause account bans, even though it avoids explicit 'bypass' wording. That makes the skill more dangerous in context because it operationalizes evasion of service risk controls under the guise of safety assessment.

Ssd 4

Medium
Confidence
95% confidence
Finding
The narrative teaches users how to reduce detection and account-ban risk by selecting 'safer' IP categories and shaping behavior to remain under enforcement thresholds. In this skill context, that instruction is especially dangerous because it can be operationalized through automated scoring to identify and retain IPs best suited for sustained abusive use.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal