Fact Checker

Security checks across malware telemetry and agentic risk

Overview

This is a local fact-checking helper. Its file reads, its localhost status check, and its optional report output are disclosed and aligned with its stated purpose, subject to the operational cautions below.

Install it only in workspaces where it is acceptable for the skill to read the named project files, memory markdown logs, git history, score JSON files, and a local status service. Use a fresh report filename for `--output` to avoid overwriting an existing file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Medium
Confidence: 98%

Finding:
The security metadata says outbound network is false and claims all operations are local, yet the skill text instructs queries to http://localhost:8765/status and describes consulting a local API. Even localhost access is still network access and can reach privileged local services, so this contradiction can cause reviewers or automated enforcement to misclassify the skill as non-networked. In a security-sensitive environment, hidden or mislabeled network behavior increases the risk of unauthorized data access or interaction with unintended local services.

Missing User Warnings

Severity: Low
Confidence: 93%

Finding:
The script writes to a user-specified output path with `write_text()` and no existence check, confirmation, or safe-create mode. If the user supplies an existing important file path, the tool will silently overwrite it, causing data loss or clobbering files in the workspace.

VirusTotal

66/66 vendors flagged this skill as clean.