Docparser

Security checks across malware telemetry and agentic risk

Overview

This Docparser skill appears legitimate, but it should be reviewed because it grants broad authenticated Docparser API access through Membrane without clear limits.

Install only if you intend to let an agent work with the connected Docparser account. Prefer the listed Membrane actions, confirm any operation that changes documents, parsers, integrations, or account settings, and avoid raw proxy requests unless you know the exact Docparser endpoint and effect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The manifest description says the skill is for managing organizations, but the body of the skill primarily enables broad Docparser document and parser operations. This scope mismatch can cause an orchestrating agent or user to invoke the skill under false assumptions, leading to unintended access or actions beyond the declared purpose.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The proxy section explicitly allows direct requests to arbitrary Docparser API endpoints, bypassing the narrower action-based interface and any implicit guardrails that curated actions provide. In context, this materially expands the skill's effective permissions and can enable unintended reads, writes, or destructive operations against the connected Docparser account.

Vague Triggers

Medium
Confidence: 85%
Finding
The invocation guidance says to use the skill when the user wants to interact with Docparser data, which is broad enough to match many unrelated or high-risk Docparser tasks. Overbroad routing increases the chance that an agent will select this skill in situations where the user's intent, required permissions, or safety constraints have not been clearly established.

VirusTotal

65/65 vendors flagged this skill as clean.
