ClawHub

Weather Max Bot

Security checks across malware telemetry and agentic risk

Overview

This package is not clearly identified: it mixes a Weather Max Bot slug with Simmer documentation and an automated Polymarket trading strategy that can make real-money trades.

Review this carefully before installing. Only run the trading strategy in dry-run mode first, do not provide a wallet private key unless you intend live trading, use a dedicated low-balance wallet or managed wallet, and avoid cron or quiet mode until the publisher fixes the package identity mismatch and you are certain which skill you are installing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises environment-variable and network-driven behavior but does not declare corresponding permissions, which prevents hosts or reviewers from understanding that it can access secrets and communicate with external services. In an agent ecosystem, undeclared capabilities materially increase the risk of secret exposure or unintended outbound actions because operators may install the skill under incomplete assumptions.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The manifest slug identifies the skill as "weather-max-trader-bot" while the provided skill metadata says the skill is "simmer." This identity mismatch can mislead users, reviewers, or automation about what is being installed or executed, enabling skill confusion, incorrect trust decisions, or substitution of a different capability than expected.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal