ClawHub

Goody

Security checks across malware telemetry and agentic risk

Overview

The skill appears to integrate with Goody, but it under-describes its scope and permits broad authenticated API requests that could change account or order data.

Review this skill before installing. Only use it if you intend to let an agent access your Goody account through Membrane, and require clear confirmation before any request that creates, updates, cancels, or deletes orders, campaigns, recipients, or related business data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest description says the skill manages Organizations, Pipelines, Projects, Users, Goals, and Filters, but the body documents Goody gifting entities like campaigns, order batches, products, and orders. This mismatch can cause the agent or user to invoke the skill under false assumptions, leading to unintended access or actions against a gifting platform when the apparent scope sounds like generic business-object management.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The documentation explicitly allows arbitrary proxy requests to the Goody API when predefined actions are insufficient, which materially expands the skill beyond the narrow manifest description. This creates a capability-escalation risk because an agent may use undocumented or highly privileged endpoints, including sensitive reads or destructive writes, without the user realizing the full scope of access.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation description is broad enough that any user request mentioning Goody data could trigger the skill, even when the user did not intend gifting or order-management operations. Overbroad routing increases the chance of unnecessary external-system access and can chain with the proxy capability to reach more sensitive functionality than expected.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents direct API access with support for POST, PUT, PATCH, and DELETE but does not require explicit warning or confirmation before destructive operations. In an agent setting, this can enable accidental cancellations, modifications, or other state-changing requests through natural-language prompting without adequate user awareness.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal