ClawHub

Parseur

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Parseur integration that reads mailbox and document data through the OOMOL CLI, with some broad wording users should treat carefully.

Install only if you are comfortable connecting Parseur through OOMOL and using the oo CLI. Keep use to the listed read actions unless you separately review and explicitly approve any future write or destructive Parseur action, and inspect remote CLI install commands before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The manifest and description present the skill as limited to searching and reading Parseur data, but the body instructs the agent to inspect and run arbitrary connector actions by name. That mismatch can mislead users and higher-level policy systems into trusting the skill as read-only while still enabling state-changing operations if such actions exist in the connector.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill says untagged actions are safe reads, but the execution flow allows `oo connector schema` and `oo connector run` with any `<action_name>`. This creates a policy bypass where undocumented or newly added write/destructive actions could be invoked without the promised tagging and confirmation safeguards.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger phrase says to use this skill for ANY Parseur request, which is overly broad and may cause the agent to invoke the skill in contexts where a narrower or safer mechanism would be more appropriate. Over-broad routing increases the blast radius of the other permission and policy issues in the skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal