cve-sentinel

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform disclosed CVE monitoring and local report generation without hidden destructive or data-stealing behavior.

Install only if you are comfortable with the skill sending package/software names and CVE IDs to public vulnerability APIs and writing local watchlist/report files. Review the watchlist path and output paths before running dependency extraction or monitor mode, and pass any NVD API key deliberately rather than storing credentials in project files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill instructs the agent to read local inputs, write reports and indexes, and query external vulnerability sources, but it declares no permissions or safety boundaries. That mismatch can cause the agent to perform file and network operations without clear user visibility or policy enforcement, increasing the risk of unintended data exposure, overwriting local files, or surprise outbound requests.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding: The monitor-mode trigger phrase is broad natural-language wording that could be invoked by ordinary user requests without an explicit mode selection or confirmation step. In an agent skill that performs external vulnerability lookups and automated analysis, ambiguous activation can cause unintended execution, unnecessary outbound requests, and confusion about when the skill is acting on user intent.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding: The dependency-extraction trigger phrase is also broad and resembles common developer assistance requests, which increases the chance that the skill activates unintentionally during normal conversation. Because this mode may inspect local project files and generate a watchlist, ambiguous triggering can lead to unplanned file processing and data exposure within the agent context.

Missing User Warnings

Severity: Low
Confidence: 86%
Finding: The skill description and usage guidance do not clearly warn users that execution updates watchlists, report archives, raw JSON outputs, and INDEX files. In this context, hidden write behavior is risky because a user may invoke what appears to be an analysis skill and unintentionally alter repository state or local security records.

VirusTotal

65/65 vendors flagged this skill as clean.