Uplo Customer Success

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned, but it exposes broad organizational customer-success context and routes an API key to a remote MCP service without enough user-facing scoping or sensitivity disclosure.

Install only if you trust the remote MCP service and understand what data the org export can include. Use a scoped, revocable API key, prefer HTTPS-only endpoints, and confirm that your organization has authorization, audit logging, redaction, and approval controls for bulk customer-success exports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 82%
Finding
The README advertises an `export_org_context` tool as providing a full organizational context snapshot, but gives no warning about sensitivity, access controls, or the possibility of exposing confidential customer success data. In a customer-success knowledge system that may contain account health, onboarding, renewal, and escalation records, normalizing unrestricted export increases the risk of over-collection, privacy violations, and large-scale data exfiltration if the tool is misused or misconfigured.

Missing User Warnings

Medium
Confidence: 94%
Finding
The manifest is configured to send a secret API key to a remote MCP endpoint over HTTP transport, but it does not disclose this clearly to the user at install/use time. Even if the example URL uses HTTPS, the skill explicitly enables remote transmission of sensitive credentials to an external service, creating risk of credential exposure, misconfiguration to insecure endpoints, or unintended trust in a third-party server.

VirusTotal

65/65 vendors flagged this skill as clean.
