MachineCommander

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly described as a read-only equipment lookup tool, but it also documents a way to send commands to real construction machines without clear safety controls.

Review before installing. Use this only if you trust the MachineCommander MCP service and need operational control, not just data lookup. Confirm that access is authenticated, tenant/project scoped, logged, and that any machine command requires explicit human approval before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

High
Confidence: 97%
Finding
The skill is presented in metadata and description as a query-only capability, but the documentation also exposes a management command that can send operational instructions to construction machines. This mismatch can cause an orchestrator or user to invoke a write/action capability under the assumption the skill is read-only, creating a dangerous integrity and safety boundary violation for real-world equipment.

Intent-Code Divergence

Medium
Confidence: 89%
Finding
The documentation is internally inconsistent: it says all queries use the data-query tool while also documenting a separate command-sending interface. This ambiguity increases the chance that agents, integrators, or reviewers misunderstand the available privileges and accidentally route operational commands through a skill expected to be informational only.

Missing User Warnings

Medium
Confidence: 94%
Finding
The markdown documents a capability to send instructions to construction machinery without any warning, operator confirmation, or discussion of safety constraints. In the context of heavy equipment and vessels, undocumented action execution can lead to unauthorized operational changes, safety incidents, service disruption, or physical harm if an agent or user triggers it improperly.

VirusTotal

VirusTotal findings are pending for this skill version.
