Ba Master

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent business-analysis assistant, but it routes likely sensitive requirements and compliance content through a remote MCP service without clear privacy disclosure or consent controls.

Review before installing. This skill may be useful for structured BA deliverables, but users should assume project requirements and generated documents can be processed by the listed remote MCP service. Avoid entering confidential, regulated, or customer-sensitive material unless the publisher provides acceptable privacy, retention, and security terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium (90% confidence)
Finding:
The trigger keywords are broad enough to match ordinary conversation such as 'help me analyze' or generic mentions of flowcharts, which can cause unintended tool invocation. Because the skill is wired to a remote MCP service, accidental activation may transmit user content externally or advance workflows the user did not explicitly request.

Vague Triggers

Medium (93% confidence)
Finding:
Activating the skill's full introduction flow on routine greetings like 'hi' or '你好' creates unnecessary and potentially repeated engagement without clear user intent. In a tool-enabled agent, this increases the risk of premature workflow initiation and can manipulate the conversation into external-service-backed operations before informed consent is established.

Missing User Warnings

Medium (97% confidence)
Finding:
The skill instructs the agent to connect to a remote MCP endpoint but does not clearly warn that user prompts, project requirements, and possibly sensitive business or compliance data may be transmitted to an external service. In this BA context, inputs are likely to include confidential internal processes, data models, and regulated-domain details, so lack of disclosure meaningfully raises privacy and data-governance risk.

VirusTotal

VirusTotal findings are pending for this skill version.