Aibuy

Security checks across malware telemetry and agentic risk

Overview

This skill is a jewelry and gold-price lookup helper whose external API use matches its stated purpose, with a privacy note about search terms leaving the local machine.

Reasonable to install for jewelry catalog and gold-price lookup. Treat searches as remote queries: do not include names, phone numbers, addresses, confidential budgets, supplier secrets, or private business terms unless you are comfortable sending them to the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill instructs the agent to invoke local Python scripts that fetch product listings and gold-price panels, which implies network/data-access capability, yet no permissions are declared. Undeclared network-capable behavior weakens platform trust boundaries and can lead to unintended external access, data exfiltration, or policy bypass if the runtime assumes the skill is non-networked.

Vague Triggers

Medium
Confidence
75% confidence
Finding
The trigger conditions are intentionally broad, including casual phrases like gift-seeking or vague jewelry interest, which can cause the skill to activate in conversations where the user did not intend marketplace lookup. Over-triggering can expose external-query behavior unexpectedly, reduce user control, and increase the chance of irrelevant or privacy-impacting searches based on loosely inferred intent.

Missing User Warnings

Low
Confidence
94% confidence
Finding
The script transmits the user-provided search keyword to a third-party Supabase endpoint, but the interface only shows basic CLI usage and does not clearly disclose that user input leaves the local environment. This is a real privacy/transparency issue because users may enter sensitive product interests, supplier names, or business terms without realizing they are being sent to an external service.

VirusTotal

65/65 vendors flagged this skill as clean.
