ClawHub

Bilibili Hot Daily

Security checks across malware telemetry and agentic risk

Overview

This skill appears to fetch public Bilibili trending-video data and optionally save it locally, with no evidence of hidden persistence, credential use, or data exfiltration.

Use this only as a simple public Bilibili hot-list fetcher/exporter. Do not assume the advertised AI summaries, scheduled daily runs, or Telegram/WeChat/email push features exist in this version, and choose any --output path carefully because the script will write or overwrite that file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill advertises executable usage that performs network access, shell execution, and file output, but the manifest declares no permissions or capability boundaries. This creates a trust and review gap: users or platforms may approve the skill assuming low privilege, while it can still fetch remote data and write local files, increasing the chance of unintended data access or filesystem effects.

Tp4

High
Category
MCP Tool Poisoning
Confidence
81% confidence
Finding
The skill description overstates functionality by claiming daily automation, AI-generated summaries, and multi-channel push support that are not actually implemented. Security-wise, this is dangerous because reviewers and users may grant the skill more trust, broader deployment, or additional access based on false expectations, making it easier to hide future risky behavior behind misleading marketing claims.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal