Regal

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Regal integration, but it can give an agent broad authenticated access to read and change Regal business data without clear built-in approval limits.

Install only if you trust Membrane and intend to let an agent operate through your Regal account. Prefer a least-privileged Regal account or scoped connection where possible, and require the agent to show the exact action, endpoint, method, and payload before any write, delete, user, pipeline, settings, or bulk operation. Revoke the Membrane/Regal connection when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium, 89% confidence
Finding
The manifest advertises a narrower scope focused on Organizations, Pipelines, Users, Goals, and Filters, but the body later enables arbitrary proxy requests to the Regal API. That scope mismatch can mislead downstream agents or users into granting or invoking the skill under the assumption of limited capabilities, when it can actually reach broader Regal resources and endpoints.

Vague Triggers

Medium, 80% confidence
Finding
The activation condition 'Use when the user wants to interact with Regal data' is very broad and may cause the skill to be selected for vague or generic Regal-related requests without sufficient narrowing. In a tool-using agent, over-broad routing can increase the chance of unnecessary external actions, unintended data access, or use of a high-privilege integration when a safer path would suffice.

VirusTotal

63/63 vendors flagged this skill as clean.
