OPC Contract Manager

Security checks across malware telemetry and agentic risk

Overview

This skill performs contract review and local contract-archive management as advertised, with sensitive local storage risks users should understand.

Install only in a private workspace. Archived contracts can include confidential terms, signatures, payment details, personal data, and AI-generated risk analysis; keep the contracts directory out of public repositories and shared sync folders, and review generated metadata before relying on dashboard or portfolio insights.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill performs local file reads and writes (review references, contract archive creation, metadata/report generation) but does not declare permissions or provide an explicit capability boundary. This can cause users or orchestrators to invoke a skill that modifies local data or accesses archived contracts without clear authorization expectations.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README explicitly promotes archiving signed contracts, generating structured metadata, and maintaining a local contract archive, but it does not warn users that this will persist potentially sensitive legal, financial, and personal data on disk. In a contract-management skill, that omission is security-relevant because users may paste confidential agreements and assume analysis is transient, increasing the risk of unintended local data retention and exposure through backups, shared machines, or repo commits.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The search trigger includes broad terms like 'Find' and 'search,' which can match ordinary requests and route the skill into archive-query behavior unexpectedly. In a skill that can inspect local contract indexes, ambiguous mode switching increases the chance of unintended data access or disclosure from stored contract metadata.

Vague Triggers

Medium
Confidence
89% confidence
Finding
Dashboard triggers such as 'status' or 'what's coming up' are generic and could activate local deadline scanning in unrelated conversations. Because dashboard mode runs local scripts over contract archives, ambiguous activation can expose summaries of sensitive commercial information without the user clearly intending that action.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The archive workflow creates directories and writes multiple files automatically, including copied documents and generated summaries, without any explicit warning or consent checkpoint. Silent persistence of sensitive contracts and derived analysis can create confidentiality, compliance, and data-retention risks, especially on shared workstations or synced directories.

Missing User Warnings

Low
Confidence
85% confidence
Finding
The conditional self-check and dashboard behavior run local scripts against contract archives without prominently notifying the user that stored files will be scanned. Even if limited to metadata/deadlines, this can still surface sensitive business information unexpectedly in contexts where the user only wanted a contract review.

VirusTotal

66/66 vendors flagged this skill as clean.
