AC Milan Match Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent AC Milan match notifier: it runs a local script and makes low-risk public sports/news requests, with some related but under-disclosed extras.

Install only if you are comfortable with a scheduled local Python script making public web requests to ESPN and Google News for AC Milan results and related articles. Keep any cron or nodes.run command pointed at the reviewed script path, and use the schedule updater only if you want it to rewrite the bundled schedule.json.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill instructs the agent to run a local Python script via shell and references placing files in the skill folder, but the manifest does not declare any corresponding permissions. Undeclared shell and file-write capabilities weaken the trust boundary for users and reviewers because the skill can invoke code execution paths that are not transparently disclosed.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 97%
Finding: The documented behavior says the skill only checks ESPN for yesterday's AC Milan result and stays silent otherwise, but the analyzed behavior includes extra network lookups, local cache maintenance, and reliance on preloaded schedule data. This mismatch is dangerous because operators may approve a narrowly scoped read-only monitoring skill while it actually performs broader data retrieval and persistent local state changes, increasing attack surface and privacy/operational risk.

Description-Behavior Mismatch

Severity: Medium
Confidence: 91%
Finding: The skill exceeds its stated behavior of only checking whether AC Milan played and sending the result by additionally fetching and outputting YouTube and Google News content. This expands the skill's external network surface and causes unannounced data retrieval and output from third-party sources, which can surprise operators and downstream consumers.

VirusTotal

62/62 vendors flagged this skill as clean.