threatbook-skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent ThreatBook threat-intelligence integration, but it sends selected files, hashes, IPs, domains, and an API key to ThreatBook when used.

Install only if you intend to use ThreatBook's online service. Prefer hash lookups when possible, since a hash lookup reveals only the digest while a file upload sends the full contents; avoid uploading confidential or regulated files unless you are authorized to share them with ThreatBook; and store the API key in environment/secret configuration rather than passing it on the command line, where it is exposed in process listings and shell history.
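The following is an added example of a local-first wrapper that applies the advice above; it is not code from the threatbook-skills project and does not use ThreatBook's real API. The environment variable name THREATBOOK_API_KEY, the two endpoint URLs and the request field names are placeholders (assumptions), and the block builds requests without sending anything. It hashes the file locally, refuses a key passed as an argument, redacts the key in any log line, and requires an explicit typed confirmation before the full file contents would leave the host.

```python
"""Local-first wrapper for a ThreatBook-style lookup (added example, not the
project's own code). Endpoint URLs, the env var name and field names are
placeholders chosen for illustration, not ThreatBook's actual API."""
import hashlib
import os
import sys
from typing import Callable, Iterable, Mapping

API_KEY_ENV = "THREATBOOK_API_KEY"                      # assumed variable name
LOOKUP_URL = "https://api.example.invalid/file/report"  # placeholder URL
UPLOAD_URL = "https://api.example.invalid/file/upload"  # placeholder URL


def key_on_argv(argv: Iterable[str]) -> bool:
    """True if an API key was passed as an argument. argv is visible in
    process listings, shell history and crash reports, so refuse it."""
    return any(a.startswith("--api-key") or a.lower().startswith("apikey=")
               for a in argv)


def load_api_key(env: Mapping[str, str] = os.environ) -> str:
    """Read the key from the environment only; fail closed if it is missing."""
    key = env.get(API_KEY_ENV, "").strip()
    if not key:
        raise SystemExit(f"{API_KEY_ENV} is not set; export it, do not pass it as an argument")
    return key


def redact(secret: str) -> str:
    """Form of the key that is safe to print in logs and error messages."""
    return "****" + secret[-4:] if len(secret) > 4 else "****"


def sha256_of_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sha256_of_file(path: str) -> str:
    """Hash locally in chunks so large samples are never read fully into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_hash_lookup(digest: str, api_key: str) -> dict:
    """Query by digest only: the file itself stays on the host.
    Field names are placeholders, not ThreatBook's parameters."""
    return {"url": LOOKUP_URL, "params": {"apikey": api_key, "sha256": digest}}


def confirm_upload(path: str, size: int, digest: str,
                   ask: Callable[[str], str] = input) -> bool:
    """Explicit, informed consent before any file contents leave the host.
    Only the literal word 'upload' counts; Enter or 'y' does not."""
    prompt = (
        f"About to upload the FULL CONTENTS of {path} ({size} bytes, sha256 {digest})\n"
        "to a third-party service. Do not continue for confidential or regulated\n"
        "data you are not authorized to share. Type 'upload' to continue: "
    )
    return ask(prompt).strip().lower() == "upload"


def main(argv):
    if key_on_argv(argv):
        raise SystemExit("refusing API key on the command line; set " + API_KEY_ENV)
    key = load_api_key()
    paths = [a for a in argv[1:] if not a.startswith("--")]
    if not paths:
        raise SystemExit("usage: lookup.py [--upload] <file>")
    path = paths[0]
    digest = sha256_of_file(path)
    print(f"hash lookup {digest} using key {redact(key)}")
    request = build_hash_lookup(digest, key)      # would be sent with urllib/requests
    print(f"would GET {request['url']} (file contents not sent)")
    if "--upload" in argv and confirm_upload(path, os.path.getsize(path), digest):
        print(f"would POST {path} to {UPLOAD_URL}")
    else:
        print("no file contents sent")


if __name__ == "__main__":
    main(sys.argv)
```

The split between build_hash_lookup and confirm_upload is the point: the default path transmits only a digest and the key, and the upload path cannot be reached by accident because it needs both the --upload flag and a typed confirmation that names the file, its size and its hash.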

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85%
Finding
The skill requires environment credentials and makes external API calls, but the manifest does not declare explicit permissions for those capabilities. This can weaken review and consent boundaries because users and platforms may not clearly see that the skill accesses secrets and communicates off-host. In this context, the skill is legitimately threat-intelligence related, which makes the behavior expected, but the lack of explicit permission declaration still reduces transparency.

Missing User Warnings

Medium
Confidence
92%
Finding
The documentation instructs users to upload local files to a third-party service but does not clearly warn that file contents will leave the local environment and may contain sensitive or proprietary data. Even for a security-analysis skill, this is risky because users may submit internal binaries, documents, or malware samples with embedded secrets without informed consent.

Missing User Warnings

Low
Confidence
78%
Finding
The skill requires an API key but does not provide clear guidance on secure credential handling, such as storing the key only in approved secret stores and never hardcoding or logging it. This can lead to accidental exposure of the credential through scripts, shell history, screenshots, or repository commits.

Missing User Warnings

Medium
Confidence
77%
Finding
The script transmits user-provided domains/IPs and the API credential to a third-party service without any explicit disclosure or consent mechanism at runtime. In a security-analysis workflow, queried indicators can themselves be sensitive, so silent submission to an external provider creates a privacy and operational-security risk even if the endpoint is legitimate.

Missing User Warnings

Medium
Confidence
95%
Finding
This script transmits the full contents of a local file to a third-party cloud service, but the CLI UX does not provide a prominent warning or explicit confirmation at the point of use. In security tooling, this can cause accidental disclosure of sensitive, proprietary, regulated, or malware-sample data when users assume analysis is local.

Missing User Warnings

Medium
Confidence
93%
Finding
The script sends both the queried IP address and the API key to a third-party service over the network without any explicit user-facing disclosure at runtime. In a security-analysis context, queried IPs may themselves be sensitive investigative data, and transmitting them to an external provider can leak operational context or secrets if the user is unaware.

VirusTotal

64/64 vendors reported this skill as clean (0 detections).
