Subagent Collaboration

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it should be reviewed carefully because it generates runnable multi-agent code from user text and has inconsistent safety limits.

Install only if you are comfortable reviewing generated workflow files before running them. Use explicit output paths, avoid feeding untrusted or secret-bearing task text into the generator, and check generated JavaScript for agent count, sandbox, timeout, cleanup, and unintended code before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill advertises and demonstrates code-generation and command execution workflows using Python, Node, file inputs/outputs, and session spawning, but the metadata does not declare corresponding permissions. This creates a security transparency gap: users or policy engines may trust the manifest while the documented usage encourages broader capabilities, increasing the chance of unintended file or shell access being granted implicitly.

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding
The document defines a hard safety rule of concurrent subagents being limited to 3, then later shows a security-check output that labels 4 concurrent agents as acceptable. This inconsistency can train users or downstream generators to approve unsafe orchestration patterns, weakening enforcement of the stated control and potentially enabling resource exhaustion or policy bypass through excessive parallel execution.

VirusTotal

66/66 vendors flagged this skill as clean.