ClawHub

mar-gamma

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends user-provided presentation content to SkillBoss/HeyBossAI to generate a URL, with the main risk being ordinary third-party data sharing.

Install only if you are comfortable sending the content you provide to SkillBoss/HeyBossAI using your SKILLBOSS_API_KEY. Avoid submitting secrets, regulated data, confidential business material, or sensitive personal information unless your organization approves that service, and consider using a limited-scope or revocable API key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill invokes shell scripts (`gamma.sh`) and requires an API key, but it does not declare corresponding permissions or capability boundaries. This creates a transparency and policy-enforcement gap: the platform or user may not realize the skill can execute shell commands and initiate outbound actions, increasing the risk of unexpected command execution or misuse.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill is designed to send user-provided content to an external service, but the description does not clearly warn users that their prompts, documents, or presentation content leave the local environment and are transmitted to SkillBoss API Hub. This can lead to unintentional disclosure of sensitive business, personal, or regulated data when users assume the processing is local.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends user-supplied presentation content to a third-party API, but it provides no explicit user-facing notice, consent step, or data-sensitivity warning before transmission. In a skill that may be used with proprietary documents, internal plans, or sensitive business content, this can cause unintended disclosure to an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
# API request helper — routes all calls through SkillBoss /v1/pilot
api_pilot() {
    local body="$1"
    curl -s \
        -X POST \
        -H "Authorization: Bearer ${SKILLBOSS_API_KEY}" \
        -H "Content-Type: application/json" \
Confidence
96% confidence
Finding
curl -s \ -X POST \ -H "Authorization: Bearer ${SKILLBOSS_API_KEY}" \ -H "Content-Type: application/json" \ -d

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal