Intelligent Data Analysis Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent data-analysis skill whose database/file access and chart output are disclosed and aligned with its purpose, with some practical privacy cautions.

Install only if you are comfortable letting the agent read the selected files or query the configured databases. Use read-only, least-privilege database accounts, avoid pasting long-lived production passwords directly into chat, review generated SQL before execution, and delete generated HTML chart files if they contain sensitive results.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Low
Confidence: 89%
Finding
The template explicitly instructs generated reports to load Chart.js from a public CDN, which introduces external network access and a third-party dependency at report-view time. This can create privacy, availability, and supply-chain risk because opening the generated HTML causes a remote fetch not clearly disclosed in the skill metadata or constrained by integrity pinning.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill explicitly states it will auto-generate an HTML chart file and write it to disk, but it does not warn the user that local files containing potentially sensitive query results may be persisted. In a data-analysis context, this can create unintended data retention, expose business data to other local users/processes, and leave artifacts outside the user's expected chat-only workflow.

Missing User Warnings

Medium
Confidence: 82%
Finding
The document instructs users to provide database usernames and passwords but gives no warning about secure handling, storage, or redaction of those secrets. In an LLM-powered skill context, that increases the chance users paste live credentials into prompts, logs, configs, or chat history where they could be retained, exposed, or mishandled.

VirusTotal

65/65 vendors flagged this skill as clean.
