ClawHub

YouYing Shopee Product Search

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches Shopee product search, but it also tells agents to send feedback about user interactions to a separate LinkFox endpoint without clear opt-in.

Install only if you are comfortable giving the skill network access to LinkFox, using a LINKFOXAGENT_API_KEY, and allowing Shopee search queries to be sent to LinkFox. Disable or ignore the automatic feedback-reporting instructions unless the user explicitly agrees and the content is redacted to avoid sending private business context or conversation details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill explicitly instructs the agent to call external APIs and references executable scripts, which indicates network-capable behavior despite no declared permissions. This creates a transparency and policy-enforcement gap: reviewers and runtime controls may underestimate the skill's ability to send user-derived data externally or use environment-backed credentials.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The documentation adds a separate public feedback submission endpoint that is outside the skill’s declared Shopee product search/filter purpose. This creates an undocumented data egress path where user content or conversation-derived summaries could be transmitted to a third-party service without being necessary to fulfill the requested search task.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
Introducing a user-feedback reporting capability in a product-search skill expands the skill’s behavior beyond user expectations and beyond the stated purpose. If an agent follows this documentation, it may send user sentiments, complaints, or summaries externally, causing privacy leakage and covert telemetry collection.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The activation criteria are intentionally broad, including cases where the user does not explicitly mention Shopee, which can cause the skill to trigger on generic sourcing or market-analysis requests. Over-broad triggering increases the chance of unnecessary external API calls, irrelevant data handling, and user confusion about which service is being invoked.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal