ClawHub

Jp Funda

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but its JP Funda documentation mixes unrelated capabilities and allows broad authenticated API proxy calls, so it should be reviewed before use.

Install only if you specifically want a Membrane-based JP Funda securities-report connector. Prefer the listed report actions, review any raw proxy request before running it, and require explicit approval before POST, PUT, PATCH, or DELETE requests. Install the Membrane CLI only if you trust that external package, and revoke the Membrane/JP Funda connection when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The manifest advertises capabilities to manage Organizations, Pipelines, Users, and Filters, but the rest of the skill is about JP Funda financial-report retrieval. This mismatch can cause the skill to be invoked in the wrong contexts and mislead users or downstream agents about what actions may be taken, increasing the chance of unintended data access or unsafe execution paths.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The overview lists unrelated capabilities such as real estate objects, media, and listed agents, while the actual actions are for securities reports. Contradictory documentation can cause an agent or operator to form an incorrect mental model of the integration and make inappropriate queries or trust assumptions about the data being accessed.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation description is broad enough that the skill could be selected for generic requests about JP Funda, even when the user's intent does not match the available actions. Over-broad routing increases the chance of unnecessary external calls, incorrect tool use, and disclosure of user queries to an external service when a narrower skill should have been chosen.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal