ClawHub

v3.5 Test Report

Security checks across malware telemetry and agentic risk

Overview

This skill appears to read one disclosed local production log file and print aggregate test-report statistics, with no evidence of network access, persistence, credential use, or destructive behavior.

Install this only if you intend the agent to analyze /tmp/agent_v35_production.log. Review or redact that log first if it may contain identifiers, secrets, customer data, or sensitive operational details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill documentation indicates it reads a local production log file from /tmp, which is a file-read capability, but no permissions are declared. In an agent ecosystem, undeclared file access weakens least-privilege controls and can cause the skill to access sensitive operational data without clear review or user consent.

Vague Triggers

Medium
Confidence
77% confidence
Finding
The skill description is broad and lacks clear invocation boundaries, which can cause an agent to select it for loosely related requests. In systems that auto-route by semantic matching, overbroad triggering increases the chance of unnecessary access to production-related logs or use in contexts the user did not intend.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill states it reads production log data but provides no user prompt, consent flow, or privacy notice. Production logs commonly contain identifiers, internal system details, or sensitive operational metadata, so silent analysis can expose private data beyond user expectations.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal