Ehunt Shopify Product Query

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Shopify product-research integration that uses a LinkFox/EHunt API key and can save large API responses locally, with no evidence of hidden exfiltration or destructive behavior.

Install only if you intend to use LinkFox/EHunt for Shopify product research. Set the API key only in environments where you trust the skill, use the large-response helper with a temporary output directory, and delete saved response files when finished because they may contain business, pricing, or other sensitive data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill instructs use of Python scripts, disk persistence, environment-based API keys, and a network-backed gateway, yet it does not declare permissions for env, file I/O, network, or shell access. This creates a capability-transparency gap: an agent or reviewer may not realize the skill can write sensitive response data to disk and invoke external services, increasing the chance of unintended data exposure or over-privileged execution.

Vague Triggers

Medium
Confidence: 88%
Finding:
The activation scope is broad enough to trigger on generic Shopify product-research requests even when the user did not explicitly ask for EHunt or this specific data source. Over-broad triggering can cause unintended tool invocation, unnecessary external data sharing, and surprising behavior, especially in multi-skill environments where a narrower skill might have been more appropriate.

Missing User Warnings

Medium
Confidence: 90%
Finding:
The wrapper always writes full subprocess stdout to disk, which can include API responses, credentials, personal data, or proprietary business data returned by the wrapped script. In an agent setting, this creates a local data-retention and exposure risk, especially because the persisted file is kept even on failures or partial responses.

VirusTotal

66/66 vendors flagged this skill as clean.
