Supabase Tool

Security checks across malware telemetry and agentic risk

Overview

This skill transparently generates Supabase curl and SQL helper commands, including write-capable templates, without storing credentials or running hidden actions.

Install this only if you are comfortable reviewing generated curl and SQL before running them. Treat raw SQL and insert commands as potentially production-changing, use non-production projects first when possible, and avoid pasting high-privilege Supabase tokens unless you understand the requested operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill advertises and invokes shell commands (`bash scripts/script.sh ...`) but does not declare corresponding permissions or clearly scope execution capability. This creates a trust and review gap: users or orchestration systems may treat the skill as low-risk documentation while it can generate or run command-bearing workflows that access external services and potentially alter data.

Vague Triggers

Medium
Confidence: 85%
Finding
The trigger phrases are broad and generic for database work, such as `sql query`, `database health`, and `count rows`, which can cause the skill to activate in many ordinary contexts. Because this skill includes raw SQL and insert capabilities, over-broad matching increases the chance of unintended invocation for sensitive or production database tasks.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill describes querying and managing databases, including `insert` and raw `query`, but does not prominently warn that generated commands may modify live database contents or affect production systems. In this context, omission of a mutation warning is dangerous because users may assume the tool is read-only or safe for casual use, leading to accidental writes, destructive SQL, or policy changes being executed.

VirusTotal

66/66 vendors flagged this skill as clean.
