Proliant

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but its description and examples point to different kinds of systems while giving agents broad authority to act on external records.

Install only if you are sure this is the intended Proliant/Membrane integration and you are comfortable granting it authenticated access to external business records. Before using it, require the agent to confirm the exact connected app and get explicit approval before creating, updating, deleting, messaging, invoicing, or sending raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill documentation materially misrepresents the target system: it describes Proliant as server hardware management, but the exposed objects and workflows are for a legal/CRM-style records platform. This mismatch can cause an agent or user to invoke sensitive data operations under false assumptions, increasing the risk of unauthorized access, privacy violations, or destructive actions against the wrong external system.

Vague Triggers

Medium
Confidence: 84%
Finding
The activation guidance is overly broad and says to use the skill whenever the user wants to interact with Proliant data, without narrowing by task type, sensitivity, or confirmation requirements. Broad routing criteria can cause the agent to select this skill in ambiguous contexts and perform networked operations on external records when a safer clarification step was needed.

Missing User Warnings

Medium
Confidence: 93%
Finding
The instructions encourage running actions and proxying direct API requests without prominently warning that these operations may send data externally or mutate live records. In an agent setting, this omission makes it easier to execute state-changing or data-exposing requests without sufficient user awareness, review, or confirmation.

VirusTotal

65/65 vendors flagged this skill as clean.
