Uplo Media

Security checks across malware telemetry and agentic risk

Overview

This skill is for a legitimate media knowledge-base workflow, but it asks for broad organizational context and automatic sensitive lookups that users should review before enabling.

Install only if you trust the configured UPLO instance and MCP server package, can provide a least-privilege UPLO token, and are comfortable with the assistant accessing sensitive media, licensing, strategy, and talent data. Consider disabling or narrowing automatic identity/directive lookups, broad org exports, and negotiation logging unless a task explicitly requires them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding: The skill’s session-start workflow pulls identity context and leadership directives before any user task is established, and this exceeds the declared media knowledge/search purpose. That creates unnecessary exposure of sensitive organizational and personal context to any session using the skill, increasing the chance of over-collection, inappropriate data use, or disclosure in downstream responses.

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding: Encouraging use of log_conversation for rights negotiations expands the skill from search/extraction into communications capture and retention, which is outside the declared scope. Negotiation discussions often contain sensitive commercial terms, legal positions, and personal data, so normalizing their logging without explicit consent or retention controls can create compliance, confidentiality, and privacy risk.

Missing User Warnings

Medium
Confidence: 90%
Finding: The skill instructs access to identity context and leadership directives without warning that these may contain sensitive organizational, strategic, or personal information. In practice, this can cause users or downstream agents to unknowingly ingest high-sensitivity data and mix it into routine media queries, broadening exposure beyond what is necessary for rights or production analysis.

Missing User Warnings

Medium
Confidence: 93%
Finding: The manifest requires a secret API token and configures an external MCP endpoint over HTTP transport, but it does not provide any user-facing disclosure about where the credential is sent or what remote actions it enables. This creates a real credential-handling risk because users may supply sensitive tokens without clear notice that the skill connects to a third-party service and forwards authentication material to it.

VirusTotal

63/63 vendors flagged this skill as clean.