EDID Parser

Security checks across malware telemetry and agentic risk

Overview

This skill is a local EDID display-data parser, with one under-warned troubleshooting command users should avoid unless they understand Linux sysfs writes.

Install this only if you need local EDID parsing and are comfortable running edid-decode against EDID files or /sys/class/drm paths. Use the included scripts for read-only parsing and validation. Do not run commands that write to /sys/class/drm, especially with elevated privileges, unless you intentionally want advanced display troubleshooting and understand the possible system impact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding:
The skill documentation instructs use of shell commands and file/system-path access (`/sys/class/drm/*/edid`, `find`, `cat`, Python/Bash scripts), but no permissions are declared. That mismatch is a real security and governance issue because users and the platform may not have clear visibility into the skill's operational capabilities, increasing the risk of overbroad file reads or shell execution beyond what is expected.

Intent-Code Divergence

Medium
Confidence: 91%
Finding:
The documentation section is framed as a read/diagnostic workflow, but it includes `echo 1 > /sys/class/drm/.../edid`, which is a write operation that can trigger kernel/display behavior rather than merely inspect state. In an agent skill context, users or downstream tooling may copy or execute commands verbatim, so presenting a sysfs write without clear risk framing can cause unintended system changes, require elevated privileges, or destabilize display state.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The markdown includes a direct write to a sysfs path but does not warn about required privileges, side effects, or the fact that sysfs writes can change kernel-managed device state. In this skill's context, which supports debugging and batch processing, omission of such warnings increases the chance that an agent or user treats the command as a harmless read-only diagnostic and executes it broadly.

VirusTotal

67/67 vendors flagged this skill as clean.
