ClawHub

price-tracker

Security checks across malware telemetry and agentic risk

Overview

This skill mostly does price lookup as described, but it presents randomly generated price history as real market history for arbitrage decisions.

Review before installing. Use a dedicated revocable SkillBoss API key, avoid uploading confidential product lists unless SkillBoss processing is acceptable, verify prices directly on retailer sites before spending money, and treat price-history and trend outputs as simulated unless the publisher replaces them with verifiable historical data or clearly labels them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill documents use of environment secrets, network access, file reads, and file writes, but does not declare corresponding permissions. This undermines least-privilege controls and prevents users or hosting platforms from understanding the actual capability footprint before execution.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The documented behavior materially differs from the stated purpose: product data is sent to a third-party API for search/extraction, and the skill reportedly presents fabricated historical pricing rather than real retrieved history. This can mislead users into trusting inaccurate outputs while silently disclosing monitoring data to an external service.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
This code advertises retrieval of historical price data but actually fabricates history using random values derived from the current price. In a price-tracking/arbitrage skill, presenting synthetic data as real can mislead users into making financial decisions based on false evidence, which is a substantive integrity and trust violation.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The file's documented purpose and feature context claim monitoring and price-history tracking, but the implementation generates synthetic history instead of retrieving true historical records. In an arbitrage-focused tool, this materially increases the risk of deceptive output, bad trading decisions, and downstream automation acting on false market signals.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill omits a clear warning that user product queries, monitoring targets, and related business intelligence are transmitted to SkillBoss. Even if the transmission is functionally necessary, failing to disclose it creates privacy and data-handling risk because users cannot make an informed consent decision.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends product names from the user-supplied CSV to an external search service via `search_product(...)` without clearly informing the user at runtime that this data leaves the local environment. While product names are often low-sensitivity, CSVs can contain proprietary sourcing targets, internal inventory interests, or other business-sensitive data, so undisclosed external transmission creates a real privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends the user-supplied product query and retrieved search-result content to an external API for search and LLM-based extraction without any explicit notice, consent, or minimization. This creates a privacy and data-governance risk because user inputs and third-party content may be transmitted off-box to a service the user may not expect.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal