ClawHub

Edsby Grades Board

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it handles private student records and can write to Google Calendar using persistent credentials without clear review, deduplication, or cleanup controls.

Install only if you are comfortable giving this skill access to an authenticated Edsby session and permission to create Google Calendar events. Use a dedicated browser profile and preferably a separate calendar, protect or avoid plaintext token files, review Google OAuth scopes, and avoid repeated daily sync until duplicate-event and disable/revoke behavior is clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The tool description materially understates behavior: it claims to do a daily check, but it also fetches student data and performs external side effects by creating Google Calendar events. In an agent/tooling context, misleading descriptions can cause a user or orchestrator to invoke a tool without understanding that sensitive data will be accessed and modified in another service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises automatic syncing to Google Calendar and scheduled daily/bi-weekly checks, but it does not provide a clear user-facing warning that it will make ongoing changes to an external service after initial setup. This can lead to unauthorized or surprising calendar modifications, repeated writes, and privacy issues if users do not fully understand the persistence and automation behavior, especially given the stated use of persistent browser sessions.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This code collects sensitive student information, including classes, grades, and assignments, with no disclosure, consent, or scoped limitation at the point of use. In a skill setting, silent collection of educational records increases privacy risk and can expose protected student data to downstream tools, logs, or unauthorized consumers.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
Reading OAuth tokens from a local file without notice or stronger handling creates a credential exposure risk, especially in shared or multi-tenant environments where local files may be accessible, copied, or logged. Because these tokens authorize access to Google Calendar, compromise could allow unauthorized reading or modification of calendar data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The tool transmits assignment data to Google Calendar and creates events without any explicit disclosure or confirmation, causing educational data to be sent to an external service and persisted there. This is a privacy and integrity issue because users may not expect external synchronization or automatic creation of calendar entries.

Missing User Warnings

High
Confidence
96% confidence
Finding
This tool automatically fetches Edsby data and writes to Google Calendar in one step, without any warning or confirmation. The combination of silent access to student records and immediate external side effects makes it more dangerous than the individual primitives, because a single invocation can exfiltrate or propagate sensitive data and modify user resources unexpectedly.

VirusTotal

47/47 vendors flagged this skill as clean.

View on VirusTotal