Uplo Customer 360

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for customer intelligence, but it connects an unpinned external MCP server to sensitive customer data and lacks clear safeguards for broad exports, logging, and knowledge-base changes.

Review before installing. Use only with a trusted UPLO instance, a least-privilege and rotatable token, and an HTTPS endpoint. Require explicit user approval before exporting organization-wide context, logging customer-specific summaries, or creating flags/proposals in shared knowledge systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs users to configure a live API key and connect an organizational data service, but it provides no warning about protecting credentials, scoping access, or the privacy implications of exposing customer and internal business data to the remote platform. In a skill explicitly designed for Customer 360 and cross-functional organizational intelligence, this omission increases the chance of unsafe deployment, credential leakage, or over-broad access to sensitive sales, success, and retail data.

Vague Triggers

Medium
Confidence: 86%
Finding
The skill advertises very broad usage triggers for routine revenue workflows without defining authorization checks, least-privilege boundaries, or data-sensitivity limits. In a skill that unifies CRM, support, onboarding, usage, and retail analytics, this encourages expansive retrieval of customer and employee-context data for ordinary prompts, increasing the chance of over-collection and inappropriate cross-functional disclosure.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill is designed to consolidate highly sensitive customer lifecycle data, including sales notes, support escalations, onboarding records, usage analytics, and employee assignment context, but it provides no warnings or handling guidance for sensitive data. That omission is dangerous because users may treat the skill as a general discovery tool and expose confidential account information, internal complaints, or personal data beyond what is necessary for their role.

Missing User Warnings

Medium
Confidence: 97%
Finding
The manifest configures the MCP server to use HTTP transport and constructs the endpoint from a user-supplied URL, while also passing a secret API token in the environment for that connection. If the configured URL is plain HTTP, or an attacker can influence routing, the token and customer data operations may be exposed to interception or misuse; the skill neither warns about this nor enforces HTTPS.

VirusTotal

64/64 vendors flagged this skill as clean.