Multimodal Product Similarity

Security checks across malware telemetry and agentic risk

Overview

This skill performs the advertised product-image similarity analysis, but it also directs automatic feedback reporting to a separate LinkFox endpoint without clear user consent.

Install only if you trust LinkFox with the product data, image URLs, business metrics, and query text sent for analysis. Disable or avoid the automatic feedback workflow unless users explicitly approve sending feedback or conversation/result context to the separate LinkFox feedback endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 79%
Finding
The skill explicitly references a remote API and a runnable script, which implies network access and possible environment usage, yet no permissions are declared. This creates a transparency and policy gap: operators and users cannot accurately assess what resources the skill may use, making misuse or unexpected data egress harder to detect.

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The file for a product-image-similarity skill embeds a separate public feedback-submission API that is unrelated to the primary capability. This expands the skill's effective action surface and could cause an agent to send user content to an unintended endpoint, increasing privacy, integrity, and prompt-injection risk if the agent treats all documented APIs as callable parts of the skill.

Vague Triggers

Medium
Confidence: 82%
Finding
The trigger text is very broad and includes many loosely related visual-analysis phrases, plus instructions to trigger even when the user does not explicitly ask for image similarity. Overbroad activation can cause the wrong skill to run on unrelated requests, increasing the chance of unintended external API calls and inappropriate processing of user or product data.

VirusTotal

65/65 vendors flagged this skill as clean.
