ClawHub

Vatgentic

Security checks across malware telemetry and agentic risk

Overview

The skill appears to use external VAT and payment-related APIs in a way that matches its stated purpose, but users should understand that VAT numbers and related metadata leave their environment.

Before installing, confirm you trust the VATGENTIC, ln.bot, n8n, BTCPay, and VAT API endpoints you configure. Use HTTPS official endpoints, avoid production secrets in testing, keep API tokens least-privileged, and make sure users understand that submitted VAT numbers and related payment metadata may be sent to those services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill clearly relies on environment variables and outbound network access, yet it declares no permissions or equivalent capability metadata to warn users and hosting platforms. This creates a transparency and policy-enforcement gap: agents may invoke external requests and access configuration without an explicit trust signal, increasing the chance of unintended data disclosure or policy bypass.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The README lists external endpoints, secrets, and credential-dependent behavior, but it does not clearly warn that VAT numbers, payment metadata, and possibly tokens will be transmitted to third-party services. In a skill ecosystem, unclear disclosure can lead users to send sensitive business identifiers or configure secrets without understanding the privacy and trust implications.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill asks users to submit VAT numbers to a third-party API but does not clearly warn that those identifiers will be transmitted off-platform to an external service. VAT numbers may be business identifiers tied to companies or sole proprietors, so the omission can cause privacy, compliance, and data-handling surprises for users and downstream systems.

External Transmission

Medium
Category
Data Exfiltration
Content
import os

# Submit VAT number
response = requests.post(
    f"{os.environ['VATGENTIC_API_URL']}/vat/request",
    json={"vatNumber": "LU26375245", "amountSats": 10}
)
Confidence
95% confidence
Finding
requests.post( f"{os.environ['VATGENTIC_API_URL']}/vat/request", json=

External Transmission

Medium
Category
Data Exfiltration
Content
url = os.environ['VATGENTIC_API_URL']
    
    # Submit request
    resp = requests.post(f'{url}/vat/request', 
                         json={'vatNumber': vat_number})
    req = resp.json()
Confidence
95% confidence
Finding
requests.post(f'{url}/vat/request', json=

External Transmission

Medium
Category
Data Exfiltration
Content
**POST** `/vat/request`

```bash
curl -X POST $VATGENTIC_API_URL/vat/request \
  -H "Content-Type: application/json" \
  -d '{"vatNumber": "LU26375245"}'
```
Confidence
93% confidence
Finding
curl -X POST $VATGENTIC_API_URL/vat/request \ -H "Content-Type: application/json" \ -d

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal