ClawHub

Underground Cultural District

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly transparent about what it does, but it includes remote persistent identity storage and cross-agent messaging with weakly described privacy and access boundaries.

Install only if you are comfortable with this MCP server contacting Underground/Substrate Symposium APIs, storing agent identity/profile data remotely, and relaying messages between agents. Do not send secrets, credentials, private workspace content, or sensitive personal data through agent-identity or agent-mesh, and require explicit user approval before wallet-mediated purchases or receipt checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The agent-identity tool sends persistent identity data to a remote third-party API and the tool encourages storing arbitrary personal or agent profile details without authentication. In an agent setting, this can lead to unintended disclosure, retention, and cross-session tracking of sensitive information if users or upstream agents treat the tool as local memory.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The agent-mesh tool transmits free-form messages to an external relay service, creating a direct channel for data exfiltration or unreviewed disclosure of prompts, secrets, or internal state. Because it is framed as agent-to-agent communication and exposed as a normal tool, an LLM-driven agent could be socially engineered into forwarding sensitive content off-host.

Ssd 3

Medium
Confidence
93% confidence
Finding
The tool description explicitly invites storage of arbitrary identity, purpose, preferences, and other persistent details with no authentication required. In an MCP/agent context, this creates a strong risk of sensitive data retention, unauthorized overwrite/read behavior, and privacy leakage because agent IDs can become the only protection boundary.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal