Scale AI

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Scale AI/Membrane integration, but it gives broad authenticated API access, including write and delete requests, without clear guardrails.

Install only if you are comfortable granting Membrane-mediated access to your Scale AI account. Use a least-privileged or read-only Scale AI connection where possible, verify the Membrane CLI package before installing, prefer discovered actions over raw proxy calls, and require explicit confirmation before any create, update, delete, membership, organization, or billing-impacting operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 89%

Finding: The manifest says the skill is for managing Organizations, Users, and Goals, but the body of the skill enables arbitrary action discovery and raw proxy access to the Scale AI API. This mismatch can cause the agent or user to underestimate the skill's actual authority, increasing the chance of overbroad use, unintended data access, or execution of sensitive operations outside the declared scope.

Vague Triggers

Severity: Medium
Confidence: 80%

Finding: The invocation description is broad enough that the skill may activate for many generic requests involving Scale AI data, not just the narrower resource types named in the description. In a system that auto-selects skills, this increases the risk of the skill being invoked in contexts where its broad action execution and proxy features are unnecessary or unsafe.

VirusTotal

64/64 vendors flagged this skill as clean.