ClawHub

Paddle

Security checks across malware telemetry and agentic risk

Overview

The skill should be reviewed because its advertised CRM purpose does not match its Paddle billing instructions, which could lead to authenticated actions against the wrong business system.

Install only if you intentionally want a Paddle billing integration and can verify the skill metadata, docs, and requested account connection all refer to the same service. Confirm every state-changing billing action before it runs, and revoke the external connection if the mismatch is not corrected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The manifest and description claim the skill manages CRM-style entities like Deals, Persons, Organizations, Leads, Projects, and Pipelines, but the body documents Paddle billing resources such as subscriptions, products, prices, customers, checkouts, and reports. This mismatch can cause an agent to invoke the skill under false assumptions and perform actions against the wrong connected system or dataset, creating integrity and unintended-action risk.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation description is broad enough that an agent may select this skill for generic mentions of 'Paddle' without sufficient confirmation of the user's intended operation. In context, that can lead to over-triggering a networked skill capable of searching actions and issuing authenticated requests, increasing the chance of unintended external actions or data access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal