Agent Ready Scanner

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate website readiness scanner, but its HTML reports can include unsafe unescaped content from scanned sites.

Install only if you are comfortable with the skill making HTTP requests to sites you explicitly name and creating report files locally. Avoid scanning internal or unauthorized targets, and treat generated HTML reports from untrusted sites as unsafe until output escaping is fixed; JSON or text output is safer for untrusted targets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill clearly describes network access plus reading/writing local report files, yet no permissions are declared. That creates a transparency and consent gap: an agent or user may invoke functionality that performs outbound requests and writes artifacts without an explicit permission boundary, increasing the chance of unintended data transmission or filesystem side effects.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README advertises very broad natural-language triggers such as '检查网站是否为 AI 准备好' and '帮我检查 xxx.com 的 agent readiness' without clear scoping, confirmation, or exclusions. In an agent environment, overly generic trigger phrases can cause accidental invocation on unrelated user requests, leading to unintended outbound website scans and report generation.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad natural-language requests like checking whether a site is 'AI ready,' which can overlap with ordinary conversation and cause accidental invocation. In this skill, accidental invocation is meaningful because it can initiate network scanning of a supplied domain and generate files, so misfires have real side effects.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The execution flow states that the skill will run HTTP checks against user-provided websites and then write JSON and HTML reports, but the description does not foreground these external requests and filesystem writes as user-visible side effects. This omission can lead to users unknowingly authorizing outbound traffic to third-party sites and local file creation, which is especially risky in automated agent environments.

VirusTotal

67/67 vendors flagged this skill as clean.
