Orderflow

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent e-commerce automation, but without adequate scoping or safeguards it can affect live orders, inventory, shipping, and customer data.

Review carefully before installing. Use sandbox stores and test orders first, pin and verify the external CLI, avoid putting secrets in shell commands, grant least-privilege credentials, restrict Slack/Sheets/webhook destinations, minimize or redact customer data, and require human approval for live order changes, shipping labels, customer messages, batch jobs, and recurring workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 97%
Finding:
This is a real security issue: the skill claims credentials are never transmitted in plain text, yet the setup instructions pass API keys and tokens directly as command-line arguments. Command-line secrets can be exposed through shell history, process listings, audit logs, CI logs, or screen recordings, making the documentation materially unsafe and misleading.

Missing User Warnings

Medium
Confidence: 89%
Finding:
The skill repeatedly encourages sending order, customer, inventory, and operational data to third-party services such as Slack, Google Sheets, SMS, email, and webhooks without a clear upfront warning about data-sharing, retention, or sensitivity. In an e-commerce context, those payloads may include customer identities, order values, addresses, phone numbers, and business-sensitive inventory data, increasing privacy and compliance risk.

VirusTotal

VirusTotal findings are pending for this skill version.