Dargue Flag

Security checks across malware telemetry and agentic risk

Overview

This skill is a video-search tool, but it under-discloses adult-content routing and has an unsafe configurable API endpoint that can expose the user’s API key.

Review carefully before installing. This appears intended for adult video search and playback despite generic wording, and it requires an API key stored on disk. Only use it if that content category is acceptable, do not configure an untrusted base URL, and prefer a version that restricts API traffic to the official HTTPS endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium, 96% confidence
Finding
The category reference explicitly maps user-facing video browsing features to '91' URL paths, which strongly suggests the skill is wired to a specific adult/pornographic site rather than a generic video service. This creates a deceptive-misrepresentation risk: users, integrators, or downstream agents may invoke the skill expecting general video search while actually being routed to explicit content, potentially violating policy, trust, and safety expectations.

Description-Behavior Mismatch

Medium, 96% confidence
Finding
The detail output prints direct playback URLs such as highurl, lowurl, hls, and fallback play URLs, which materially exceeds a declared search/browse/detail-view capability. In an agent-skill context, exposing stream URLs enables direct retrieval and redistribution of adult media content, bypassing any intended controlled viewing flow and increasing legal, policy, and abuse risk.

Context-Inappropriate Capability

Medium, 98% confidence
Finding
The config command permits an arbitrary --base-url to be persisted and later used for all API requests, allowing the skill operator or a prompted user to redirect traffic to any HTTP or HTTPS endpoint. In this code, every request sends the stored X-API-Key to that endpoint, creating a straightforward credential-exfiltration and SSRF-like pivot risk, especially because plain HTTP is also allowed.

VirusTotal

65/65 vendors flagged this skill as clean.
