ClawHub

Blinko Api

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Blinko note-management skill that uses a configured API token and can read, create, update, promote, and delete notes when invoked.

Install this only if you want an agent to manage your Blinko notes. Set BLINKO_HOST to a trusted Blinko instance, protect BLINKO_TOKEN like a password, and confirm note IDs before update, promote, or delete actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill clearly instructs the agent to use environment variables and make HTTP requests, but it declares no corresponding permissions. This creates a transparency and governance gap: users or platform controls may not realize the skill can access secrets and send data over the network, increasing the risk of unintended credential use or data exfiltration.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
80% confidence
Finding
The trigger 'save blinko' overlaps with a generic built-in command namespace around 'save', which can cause the skill to be invoked when a user intended a different save action. That ambiguity can lead to unintended note creation or transmission of user content to the Blinko API.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
79% confidence
Finding
The trigger 'get blinko' conflicts with the generic 'get' command family, making accidental invocation more likely. In context, this could expose note contents or cause retrieval actions when the user intended a different tool or command.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
79% confidence
Finding
The trigger 'list blinkos' overlaps with the common built-in 'list' command namespace. Ambiguous trigger matching may cause the skill to enumerate Blinko content unexpectedly, which can reveal note metadata or content to the wrong context.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
81% confidence
Finding
The trigger 'create blinko' conflicts with the generic built-in 'create' verb and may intercept normal creation requests. Because the skill performs networked create/upsert operations, accidental activation could send user-authored content to an external or local API endpoint without clear intent.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
81% confidence
Finding
The trigger 'update blinko' sits in a generic command space shared by many tools, so users may invoke it unintentionally. Since update operations modify remote state, accidental invocation can overwrite or alter notes without the user's intended target or tool selection.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
88% confidence
Finding
The trigger 'delete blinko' conflicts with the highly sensitive built-in 'delete' command namespace. Because this skill supports destructive actions, ambiguous activation is especially dangerous and can lead to unintended deletion of Blinko data or deletion attempts against the configured API.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal