ClawHub

Attendance Check

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it embeds a Feishu app secret and can retrieve sensitive employee attendance records without an authorization boundary.

Install only if this is an internal, authorized HR or management tool. The publisher should remove and rotate the embedded Feishu secret, load credentials from a secure environment, document the API permissions, and restrict the skill to users allowed to view employee attendance data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill instructs execution of a local shell command (`python3 scripts/query_attendance.py`) but does not declare any permissions or clearly disclose that code execution is required. Undeclared execution capability weakens user consent and platform enforcement, especially for a skill that accesses sensitive attendance data via supporting scripts.

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
If the associated implementation contains hardcoded Feishu APP_ID and APP_SECRET credentials and performs authentication to Feishu, that is a significant security issue. Hardcoded secrets are easily leaked, reused, or extracted, enabling unauthorized access to employee attendance records and potentially broader API abuse.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill is designed to retrieve and reveal detailed employee attendance information, including low-hours employees and missing clock-in/out records, which is sensitive personnel data. Failing to warn users and administrators about this data access and disclosure increases the risk of inappropriate use, privacy violations, and overbroad sharing.

Missing User Warnings

High
Confidence
99% confidence
Finding
The script embeds a live application secret directly in source code, which is a serious credential-exposure issue. Anyone with repository or artifact access can reuse the secret to obtain tokens and access Feishu APIs within the app's granted permissions, making the attendance-reporting context especially sensitive because it handles employee HR data.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script queries and transmits employee attendance identifiers and retrieves attendance records from an external API without any user-facing notice, consent boundary, or access-control check in the skill itself. In this skill context, the data is highly privacy-sensitive HR information, so silent network retrieval increases the risk of unauthorized or unexpected disclosure if the skill is invoked by an inappropriate user or environment.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal