
Security audit

Dropbox Sign

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Dropbox Sign read/search connector skill, with no evidence of hidden mutation, exfiltration, or destructive behavior.

Install only if you are comfortable letting OOMOL's CLI and connector access Dropbox Sign data available to your connected account. Signature requests and templates may contain sensitive business information. Treat any future action marked write or destructive as requiring explicit review and confirmation before running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Severity: High
Confidence: 95%
Finding
The manifest and description constrain the skill to 'searching and reading data', but the body explicitly discusses write and destructive actions and instructs the agent to use the skill for any Dropbox Sign request. This mismatch can cause policy bypass or unsafe automation, because downstream systems or users may trust the manifest as read-only while the skill behavior permits state-changing operations.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The trigger phrase says to use this skill for 'ANY Dropbox Sign request' and to use it instead of calling the API directly, which is broader than the stated read/search scope. Overbroad routing increases the chance the agent will select this skill for sensitive or state-changing tasks without sufficient capability checks, especially given the documentation also references write/destructive operations.
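Both findings above come down to the same kind of check: compare the scope the manifest declares against what the skill body actually tells the agent to do, and look for trigger phrases that route every request to the skill. The script below is an added illustration of that heuristic, not SkillSpector's implementation or any OOMOL code. The verb vocabularies, the trigger regex and the sample manifest are constructed assumptions chosen to reproduce the two findings on this page.

```python
"""Heuristic audit of a skill manifest for description/behaviour mismatch
and overbroad trigger phrases. Added example; not SkillSpector's logic."""
import re
from dataclasses import dataclass, field

# Assumed vocabularies: verbs that imply state-changing or destructive
# behaviour, and words that signal a read-only scope. Not exhaustive.
WRITE_VERBS = {"create", "send", "update", "edit", "cancel", "delete",
               "remove", "revoke", "write", "destructive"}
READ_HINTS = {"read", "search", "list", "get", "fetch", "view"}

# Trigger phrases of the form "any/all/every ... request(s)" that route
# every task to the skill regardless of whether it is read or write.
OVERBROAD = re.compile(r"\b(any|all|every)\b[^.\n]{0,60}?\brequests?\b",
                       re.IGNORECASE)


@dataclass
class Finding:
    title: str
    severity: str
    evidence: list[str] = field(default_factory=list)


def _words(text: str) -> set[str]:
    return set(re.findall(r"[a-z]+", text.lower()))


def declared_read_only(description: str) -> bool:
    """True when the manifest description names only read/search actions."""
    words = _words(description)
    return bool(words & READ_HINTS) and not (words & WRITE_VERBS)


def state_changing_sentences(body: str) -> list[str]:
    """Body sentences that mention write or destructive actions."""
    hits = []
    for sentence in re.split(r"(?<=[.!?])\s+", body):
        if _words(sentence) & WRITE_VERBS:
            hits.append(sentence.strip())
    return hits


def overbroad_triggers(body: str) -> list[str]:
    """Trigger phrases that claim every request for this skill."""
    return [m.group(0) for m in OVERBROAD.finditer(body)]


def audit_skill(description: str, body: str) -> list[Finding]:
    """Return findings in the same shape as the two on this page."""
    findings = []
    if declared_read_only(description):
        hits = state_changing_sentences(body)
        if hits:
            findings.append(Finding("Description-Behavior Mismatch", "High", hits))
    triggers = overbroad_triggers(body)
    if triggers:
        findings.append(Finding("Vague Triggers", "Medium", triggers))
    return findings


# Constructed sample manifest modelled on the mismatch described above.
SAMPLE_DESCRIPTION = "Search and read Dropbox Sign signature requests and templates."
SAMPLE_BODY = (
    "Use this skill for ANY Dropbox Sign request instead of calling the API directly. "
    "It lists signature requests and templates. "
    "Treat any action marked write or destructive, such as cancel or delete, "
    "as requiring confirmation."
)

if __name__ == "__main__":
    for f in audit_skill(SAMPLE_DESCRIPTION, SAMPLE_BODY):
        print(f"[{f.severity}] {f.title}")
        for line in f.evidence:
            print("   -", line)
```

Run against the constructed sample, the script reports the mismatch (the body sentence naming write and destructive actions under a read-only description) and the single overbroad trigger "ANY Dropbox Sign request". A description that itself declares write verbs, such as "Create and send signature requests", suppresses the mismatch finding but still surfaces the trigger, which is the distinction that matters when deciding whether a skill's manifest can be trusted for capability gating.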

VirusTotal

47/47 vendors flagged this skill as clean.
