Bird Information

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public bird information from dongniao.net, consistent with its stated purpose, and shows no evidence of hidden credential access, persistence, destructive actions, or unrelated data collection.

Install only if you are comfortable with bird queries being sent to dongniao.net. Avoid including personal or sensitive information in the bird-name query, and treat the web_fetch wording as something the publisher should clarify or correct.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill documentation declares no permissions, yet its described and detected behavior requires outbound network access to fetch data from dongniao.net. This creates a transparency and policy-enforcement gap: users or platforms may approve the skill under false assumptions, while the skill can still make external requests and expose query data to a third party.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 90%
Finding: The documented behavior says the skill uses web_fetch, but the analysis indicates it performs direct HTTP requests via requests/urllib and does not behave as broadly as claimed. Bypassing the expected fetch abstraction can evade platform controls, logging, sandboxing, or URL restrictions tied to the approved tool, increasing the risk of unauthorized network access and weakening trust in the skill's stated security model.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The documented auto-trigger phrases are broad natural-language patterns such as requests for information or details, which can overlap with normal conversation and cause the agent to invoke the skill without clear user intent. In an agent environment, overly permissive invocation guidance increases the chance of unnecessary external fetches, unintended data processing, and prompt-routing abuse through ambiguous phrasing.

Vague Triggers

Severity: Medium
Confidence: 85%
Finding: The suggested description says to use the skill for 'any bird species' and broad categories of bird details without defining boundaries or disambiguation rules. This makes the skill easier to over-select by the orchestration model, especially in mixed-topic conversations, leading to unintended web access and expanded attack surface from external content.

VirusTotal

64/64 vendors flagged this skill as clean.
