Target Novelty Scorer

Security checks across malware telemetry and agentic risk

Overview

This skill is non-destructive, but it advertises real literature mining while the code generates simulated target scores, so users could mistake fabricated results for evidence-based analysis.

Install only if you treat this as a draft/demo. Do not rely on its novelty scores for scientific, portfolio, or business decisions until real PubMed/PMC retrieval is implemented, outputs clearly state their data provenance, dependencies are pinned and reconciled, and report output paths are constrained or reviewed before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill advertises and appears to support writing reports to disk, but it has no declared permissions describing that capability. Undeclared file-write behavior weakens user awareness and policy enforcement, increasing the chance of unexpected file creation or overwriting when the skill is executed.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The documented purpose is literature mining against PubMed/PMC, but the analyzed behavior indicates the skill instead uses simulated pseudo-random data and does not query real sources while still exposing output-writing functionality. This is dangerous because users may trust fabricated novelty scores for scientific or portfolio decisions, and the mismatch hides actual behavior from reviewers and operators.

Intent-Code Divergence

Medium
Confidence: 98%
Finding: This is a real integrity/security issue because the tool presents itself as performing PubMed literature mining while actually generating simulated random data. In a biological target-scoring context, users may rely on the output for research prioritization or downstream decisions, so fabricated results can mislead decision-making and create unsafe trust in non-existent evidence.

Intent-Code Divergence

Low
Confidence: 92%
Finding: This is a true vulnerability in the form of deceptive or misleading functionality: the CLI claims users can choose among pubmed, pmc, or all, but the argument is ignored entirely. In a literature-mining skill, this increases the risk of false assumptions about data provenance and coverage, especially when users believe they are querying broader or different sources than the tool actually uses.

Missing User Warnings

Medium
Confidence: 84%
Finding: The skill description mentions external API use and local report generation but does not warn users during usage about data being transmitted to third-party services or files being written locally. Missing disclosure increases the risk of unintended data exposure and surprising side effects, especially in regulated or sensitive research environments.

Unpinned Dependencies

Low
Category: Supply Chain
Content: dataclasses, numpy
Confidence: 97%
Finding: dataclasses

Unpinned Dependencies

Low
Category: Supply Chain
Content: dataclasses, numpy
Confidence: 99%
Finding: numpy

VirusTotal

65/65 vendors flagged this skill as clean.
