Biver Builder

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate Biver API guide, but it needs review because it documents live publishing and deletion actions with unclear permission scoping and limited confirmation guidance.

Install only if you intend to let an agent help manage Biver landing pages. Start with a test or read-only API key, verify the exact scopes in the Biver dashboard before granting write access, and require explicit confirmation for deletes, deploys, domain changes, gallery deletion, and workspace updates.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The Gallery API documentation states the scope is `gallery:read` while also documenting upload and delete operations, which are write actions. This can cause operators to grant a broader or incorrectly named permission set than intended, undermining least-privilege expectations and potentially enabling unintended asset modification or deletion.

Intent-Code Divergence

Low
Confidence: 86%
Finding
The skill gives conflicting information about subdomain permissions: one section ties subdomain operations to `pages:*` scopes while another lists dedicated `subdomains:*` scopes. This inconsistency can lead users to provision overly broad credentials or misconfigure access controls, weakening least-privilege enforcement.

Missing User Warnings

Medium
Confidence: 84%
Finding
This section prominently documents destructive and public-facing actions such as delete, deploy, domain changes, and publishing without an explicit warning to obtain user confirmation before executing them. In an agent skill context, that omission increases the risk of accidental deletion, unintended publication, or user-visible configuration changes from ambiguous prompts.

VirusTotal

63/63 vendors flagged this skill as clean.
