ClawHub

Skill Rating Comparator

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware-like, but it presents synthetic and randomized comparison reports as if they were real skill analysis.

Review before installing. Treat its reports as demo or placeholder output unless the publisher clearly labels the data as simulated or implements real ClawHub/GitHub discovery, deterministic scoring, and visible evidence for each recommendation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The skill advertises automatic discovery and multi-dimensional analysis, but the implementation uses hardcoded competitors and randomized scoring instead of real data sources. This creates deceptive output that can mislead users into making decisions based on fabricated comparisons, which is a security-relevant integrity issue even though it is not direct code execution or data exfiltration.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The help text promises automatic discovery and 6-dimension scoring, but the command path generates a report from simulated values. That mismatch can cause users to trust the output as factual analysis when it is synthetic, enabling misinformation and poor downstream decisions.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The skill explicitly advertises searching ClawHub/GitHub and lists HTTP/API dependencies and data sources, but it does not clearly disclose to users that invoking the skill will trigger outbound network requests to third-party services. This is primarily a transparency and privacy-consent issue rather than an exploit primitive, but it can still surprise users, leak queried skill names or prompts to external platforms, and complicate use in restricted environments.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal