Crossborder Ecom Hub

Security checks across malware telemetry and agentic risk

Overview

This looks like a real ecommerce management skill, but it needs review because it handles valuable marketplace and Feishu access while offering broad bulk sync and pricing actions with weak safeguards.

Install only after reviewing the code and testing with sandbox or least-privilege marketplace accounts. Do not put production seller credentials in the local config unless filesystem permissions and secret rotation are handled, and avoid bulk sync or pricing apply commands until you have a preview, narrow scope, and rollback plan. Use a dedicated Feishu app/workspace with restricted sharing before enabling Feishu sync.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Missing User Warnings

Medium
Confidence: 88%
Finding
The README promotes one-click bulk synchronization across multiple external commerce platforms and also mentions automatic syncing to Feishu, but it does not clearly warn about the consequences of propagating incorrect, sensitive, or policy-violating data at scale. In a multi-platform e-commerce context, this can cause accidental mass updates to listings, inventory, pricing, or order data across third-party services, amplifying operational and compliance risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The README instructs users to place numerous marketplace and Feishu API secrets directly into a local JSON config file, but the guidance does not sufficiently emphasize filesystem permissions, secret rotation, exclusion from source control, or safer secret-management alternatives. Centralizing high-value credentials for multiple commerce platforms in one plaintext local file increases the blast radius if the host is compromised or the file is accidentally exposed.

Missing User Warnings

High
Confidence: 93%
Finding
The documentation instructs users to place multiple marketplace and Feishu secrets directly into a local JSON config file and environment variables, but provides no credential-handling safeguards. This materially increases the chance of secret exposure through weak file permissions, shell history, backups, logs, screenshots, process listings, or accidental commits, and these credentials could enable unauthorized access to commerce platforms and associated business data.

Missing User Warnings

Medium
Confidence: 91%
Finding
The command transmits full order data to Feishu when the `--feishu` option is used, but the user-facing flow does not clearly warn that potentially sensitive business or customer information will be sent to an external service. In a commerce/order-management context, silent or under-disclosed third-party synchronization can cause unintended data disclosure, compliance issues, and privacy violations.

Missing User Warnings

Medium
Confidence: 91%
Finding
The remove flow deletes platform configuration immediately based on user-supplied input, with no confirmation prompt, dry-run, or safeguard against accidental invocation. In a CLI that manages platform integrations and likely associated credentials/configuration, an unintended removal can disrupt operations, break automation, or cause loss of local configuration state.

Missing User Warnings

Medium
Confidence: 95%
Finding
The command applies pricing changes immediately when `--apply` is used, with no explicit confirmation, dry-run gate, or itemized review before modifying live product prices. In an operational pricing tool, accidental invocation, bad upstream analysis, or incorrect parameters could mass-update prices across a platform and cause revenue loss, margin erosion, or market disruption.

Missing User Warnings

Medium
Confidence: 89%
Finding
When the `--feishu` option is used, the command sends generated report data to an external Feishu service without any explicit warning, confirmation, or visibility into what fields are transmitted. Because these reports include business-sensitive sales, inventory, and profit data, this can cause unintended external disclosure if a user enables the flag without understanding the data-sharing consequence.

Missing User Warnings

Medium
Confidence: 73%
Finding
The report sync serializes and uploads the entire report object via `JSON.stringify(report)`, which can inadvertently send more data than intended to the external Feishu service. Because the full object shape is not constrained here, sensitive internal fields, derived analytics, or embedded PII/secrets could be disclosed if present in the report payload.

Missing User Warnings

Medium
Confidence: 89%
Finding
Platform credentials and configuration are persisted in a local JSON file under the user's home directory without any protection, encryption, or permission hardening. If API keys or tokens are stored there, other local users, malware, backups, or accidental commits could expose secrets and enable unauthorized access to connected commerce platforms.

Missing User Warnings

Medium
Confidence: 92%
Finding
The code performs bulk remote price changes across one or more platforms immediately after computing a new price, with no approval gate, dry-run preview, or per-product validation. In an agent or automation context, this can cause widespread unintended pricing changes, revenue loss, or marketplace policy issues if invoked with bad inputs or against the wrong platform scope.

VirusTotal

63/63 vendors flagged this skill as clean.