Raven Tools

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Raven Tools integration, but it gives broad authenticated API access without clear limits or confirmation safeguards for changes.

Install only if you trust Membrane and are comfortable letting an agent use your Raven Tools account through that connection. Use the least-privileged account available, review requested actions carefully, and require explicit confirmation before any operation that creates, updates, or deletes data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The manifest claims the skill is for managing organizations, but the body enables much broader Raven Tools access including arbitrary action execution and proxy requests. This scope mismatch can mislead routing and user consent, causing the agent to invoke a much more powerful integration than the metadata suggests.

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The skill name and description suggest a limited organization-management function, but the content documents broad reporting features and generic API access. In an agent ecosystem, misleading naming/description increases the chance of overbroad invocation and use outside the user's intended authorization context.

Vague Triggers

Medium
Confidence: 84%
Finding
The invocation guidance is broad enough to trigger on generic Raven Tools interactions without clear boundaries, which can cause the agent to select this skill for loosely related requests. Because the skill includes generic action discovery and proxying, ambiguous routing expands the effective authority of the agent unexpectedly.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs the agent to send direct proxy requests to Raven Tools without warning that user-provided paths, query parameters, or bodies may transmit data to an external service. This creates a data-handling and consent risk, especially when arbitrary requests can expose sensitive user or tenant information to third-party systems.

VirusTotal

65/65 vendors flagged this skill as clean.
