Session State Location Selector

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only architecture guidance skill with no executable behavior, though two examples should be treated cautiously for security correctness.

Install only if you understand it is advisory design guidance. When applying it, require integrity protection for any client-held session data, encrypt sensitive client-held claims, and revalidate prices, roles, permissions, quantities, and product IDs server-side.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The worked example states that no signing or encryption is required for client-held cart contents, which contradicts the file's own earlier rule that client session state must at least be signed for tamper detection. Even if cart data is not confidential, unsigned client-controlled state allows quantity, price-related fields, discounts, or item identifiers to be modified and replayed, which can lead to business logic abuse if any downstream code trusts it.

Intent-Code Divergence

Medium
Confidence: 88%
Finding
The JWT example is internally inconsistent: the security row says high-sensitivity authorization data must be signed and encrypted, but the verdict recommends only a signed JWT cookie. In a design guidance skill, this can normalize exposing authorization claims to the client and encourage implementers to omit confidentiality protections or better alternatives such as opaque session identifiers.

VirusTotal

66/66 vendors flagged this skill as clean.
