ClawHub

MocCard-zh

Security checks across malware telemetry and agentic risk

Overview

The MocCard automation is mostly on-purpose, but it can silently send browser cookies to a configurable backup server and delete matching ZIP files from Downloads.

Review this skill before installing. The normal MocCard automation is understandable, but the backup download path should be removed or restricted to a trusted fixed endpoint and must not forward browser cookies. It should also avoid deleting files from Downloads or ask clearly before doing so.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The fallback path explicitly reads browser cookies via `document.cookie` and forwards them in a `curl` request to a user-supplied backup server URL. This can exfiltrate authenticated session material to an untrusted endpoint, enabling account/session hijacking or unauthorized API access far beyond the stated purpose of downloading a ZIP file.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill sends sensitive cookie data in an HTTP header to `BACKUP_SERVER_URL` without any explicit warning or consent flow. In this context the danger is amplified because `BACKUP_SERVER_URL` is templated from `{{ip}}`, making it potentially attacker-controlled and turning the skill into a credential exfiltration mechanism.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script deletes matching ZIP files from the user's Downloads directory before attempting a new download, and it does so without prompting the user. While intended as cleanup, it can remove unrelated files matching `images-*.zip`, causing data loss or destruction of prior outputs.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal