ClawHub
Back to skill

Security audit

OPC Invoice Manager

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local invoice-management skill whose file reads and writes are sensitive but disclosed and aligned with billing workflows.

Use this in a dedicated invoice folder, keep backups, and review generated invoices, void/reissue actions, payment status changes, client-profile updates, and collection emails before treating them as business records or sending them to clients.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to read contracts, client profiles, templates, and invoice indexes and to write invoices, metadata, and client records, but it declares no explicit permissions or user-consent boundary. This creates a real security issue because a user or platform may assume the skill is read-only or low-risk while it can access and modify local business data, increasing the chance of unintended data exposure or tampering.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The archive workflow explicitly tells the agent to create invoice folders, write invoice artifacts, run indexing, and auto-create or update client profiles without any warning or confirmation to the user. In a financial workflow, silent file mutation is dangerous because it can overwrite records, create inaccurate accounting artifacts, or persist sensitive client data locally without the user's informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.