protocal-kit-finder-for-protocal-agent

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent with its stated purpose of lab kit lookup, but users should know that it may read project markdown files and save vendor documentation into the workspace.

Use this skill in a project folder containing only relevant protocol materials, or tell the agent exactly which files to read. Expect it to search vendor websites and, in the final documentation phase, create local files under references/kit-docs; review those files before committing or relying on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium, 95% confidence

Finding: The skill's declared purpose is limited to finding reagent kits and catalog numbers, but the workflow also instructs reading arbitrary project markdown files and later saving documentation into the project. That expands the trust boundary beyond vendor lookup into local data access and file persistence, creating unnecessary exposure of project contents and increasing the chance of unintended data access or side effects.

Context-Inappropriate Capability

Medium, 93% confidence

Finding: Automatically downloading and storing manuals, protocols, or SDS files is not necessary to satisfy the stated goal of identifying catalog numbers and product links. This adds write-capable behavior and external content ingestion into the project, which can clutter repositories, introduce unreviewed third-party content, and be abused to persist unexpected files under the guise of procurement support.

Missing User Warnings

Medium, 96% confidence

Finding: The skill directs the agent to download PDFs or save product pages into the project directory without an upfront warning that it will perform filesystem writes. Even though confirmation is requested later in the workflow, the skill specification itself lacks an explicit early disclosure of write behavior, which undermines informed consent and can surprise users with persistent changes to their workspace.

VirusTotal

65/65 vendors flagged this skill as clean.