Security checks across malware telemetry and agentic risk

Overview

This skill appears to generate a Word report from a MySQL database as advertised, with credential-handling caveats users should understand.

Install only if you intend to let the skill read the target MySQL reporting table and write a local .docx file. Use a dedicated read-only, least-privilege database account instead of root/root, avoid production credentials, prefer the PyMySQL path over the mysql CLI fallback, and choose an output path where overwriting an existing file is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation exposes unsafe default database credentials (`root`/`root`) and presents them as normal usage without warning. This can lead users to run the skill against databases with highly privileged accounts, increasing the risk of unauthorized access, accidental modification, or credential reuse in production-like environments.

Missing User Warnings

Medium
Confidence: 91%
Finding
The manifest exposes that the skill accepts database credentials and writes output files, but it does not warn users about sensitive credential handling, destination-path risks, or what data may be written to disk. In agent environments, this omission can lead users or orchestrators to pass secrets and file paths without understanding the security implications, increasing the chance of credential leakage, unsafe file writes, or misuse of sensitive insurance data.

Missing User Warnings

Medium
Confidence: 98%
Finding
The MySQL CLI fallback passes the database password via `--password` on the command line, which can expose credentials to local users through process listings, job control output, audit logs, or crash diagnostics. In an agent or shared runtime environment, this increases the chance of credential disclosure beyond the intended process boundary.

VirusTotal

64/64 vendors flagged this skill as clean.
