ClawHub

Skanetrafiken Trip Planner

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent public-transit trip planner that runs local helper scripts to query Skånetrafiken, with the main privacy consideration being that searched locations and trip times are sent to that service.

Install only from a source you trust and make sure curl and jq are available. When using the skill, avoid exact home, work, or other sensitive addresses if you are not comfortable sending them, along with intended travel times, to Skånetrafiken.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly instructs the agent to execute shell commands (`./search-location.sh`, `./journey.sh`) but does not declare any corresponding permissions. This creates a trust and policy gap: an agent or platform may expose shell execution without the user being properly informed or without applying the intended permission controls, increasing the risk of unintended command execution if the skill or supporting scripts are modified or abused.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The script sends precise origin and destination identifiers, including raw latitude/longitude coordinates for LOCATION inputs, to Skånetrafiken's external API without an explicit warning or consent step. In a transit-planning skill this is expected behavior, but it still exposes potentially sensitive location data off-host and may surprise users when coordinates or home addresses are used.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal