Serphouse

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate SERPhouse integration, but it gives an agent broad authenticated control over SERPhouse data without clear limits or confirmation rules.

Review before installing. Use a least-privileged SERPhouse/Membrane account, verify the Membrane CLI package source, and require explicit approval before creating, updating, deleting, or managing organizations, users, projects, keywords, competitors, or account settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 89%
Finding
The manifest says the skill is for managing Organizations and Users, but the body documents a much broader capability set including projects, keywords, competitors, account access, generic action discovery, and direct proxy requests. This mismatch can cause the orchestrator or user to authorize the skill under a narrower trust assumption than its actual behavior, increasing the chance of unintended data access or broader-than-expected operations.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding
The invocation text says to use the skill whenever the user wants to interact with SERPhouse data, which is overly broad and may cause the system to invoke it on vague or ambiguous requests. Because the skill supports wide discovery and proxy capabilities, overly permissive triggering can expand access beyond the user's specific intent and increase the likelihood of unnecessary external actions.

VirusTotal

65/65 vendors flagged this skill as clean.
