WeKnora

Security checks across malware telemetry and agentic risk

Overview

This instruction-only WeKnora API skill mostly matches its knowledge-base purpose, but it includes edit, reparse, and delete actions without clear user-confirmation guidance.

Review this skill before installing if your WeKnora knowledge base contains important or shared data. Use a least-privilege API key if possible, confirm the base URL is your trusted WeKnora server, avoid storing long-lived keys in shell startup files on shared machines, and only allow edit, reparse, or delete calls after explicit user confirmation of the exact knowledge entry.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding
The skill metadata describes import and retrieval, but the documentation also exposes edit and delete operations. This scope expansion can cause an agent or user to perform state-changing actions that were not expected from the declared purpose, increasing the chance of unintended destructive behavior.

Description-Behavior Mismatch

Severity: Low
Confidence: 78%
Finding
The documentation references a reparse write operation that is not declared in the skill description. While less severe than deletion, undocumented state-changing actions undermine least surprise and can trigger unintended processing or cost-bearing operations.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
A delete endpoint is documented with no warning, confirmation flow, or safety checks. In an agent setting, this creates a realistic risk of accidental or prompt-induced deletion of knowledge entries, causing data loss and operational disruption.

VirusTotal

63/63 vendors flagged this skill as clean.