Cobalt

Security checks across malware telemetry and agentic risk

Overview

This skill appears to connect to sensitive Cobalt security data and includes destructive asset actions without enough scoping or safety language.

Install only if you intend to let the agent access and possibly change Cobalt security data. Use least-privilege credentials, verify the skill is for Cobalt pentest assets/findings rather than support tickets, and require explicit confirmation before any update or delete action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding
The skill’s overview describes a customer-support/ticketing product, but the concrete actions and examples operate on pentests, findings, assets, and organizations. This mismatch can cause an agent or user to invoke the skill under false assumptions and then access or modify sensitive security data, including destructive operations, in the wrong context.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding
The activation condition 'Use when the user wants to interact with Cobalt data' is overly broad and provides no guardrails about scope, sensitivity, or operation type. Broad routing increases the chance the agent will select this skill for ambiguous requests and perform unintended reads or mutations against an external system.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill advertises destructive capabilities such as 'Delete Asset' alongside other actions without an explicit safety warning or confirmation requirement. In an agentic setting, omission of deletion safeguards can lead to irreversible data loss if the model chooses or is prompted to use destructive actions.

VirusTotal

65/65 vendors flagged this skill as clean.