ClawHub

Yufluent Clawhub Publish Yufluentcn Ad Optimize

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform its advertised remote campaign-processing work, but it has under-scoped handling of sensitive business inputs and authenticated API destinations that users should review before installing.

Install only if you are comfortable sending campaign messages, product details, market data, metrics, and related context to the remote service. Review any API base URL settings before use, keep API keys scoped and revocable, and avoid entering confidential customer, financial, or unreleased strategy data unless the provider's retention and access policies are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'url' from os.getenv (line 271, credential/environment) → requests.post (network output)

Critical
Category
Data Flow
Content
}
    if body is not None:
        kwargs["json"] = body
    return requests.post(url, **kwargs)


def _raise_for_status(resp: requests.Response) -> None:
Confidence
92% confidence
Finding
return requests.post(url, **kwargs)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill advertises operational capabilities that read environment variables, use local files, and make network requests, but it does not declare corresponding permissions in a clear permission model. That mismatch can reduce transparency and allow users or host agents to invoke code with broader access than expected, especially because the skill explicitly instructs use of a local API key and remote service calls.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script collects user-provided campaign details such as message, product, market, metrics, and context, then sends them to a remote cloud skill via run_skill(...). There is no user-facing notice, confirmation, or minimization before transmission, which creates a privacy and data-governance risk because ad campaign context may contain sensitive business information, performance data, or customer targeting details.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal