MysticX Tarot Drawer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it sends tarot requests to MysticX’s public API and displays returned card data, with privacy caveats for user questions.

Install if you are comfortable sending tarot questions and language preferences to MysticX.ai. Avoid including sensitive health, financial, relationship, identity, or contact details in questions, and treat returned images and links as third-party content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly instructs the agent to forward the user's tarot question to a third-party service, and tarot questions often contain sensitive relationship, health, financial, or emotional details. Because the transmission happens by default with no user-facing notice or consent flow, users may unknowingly disclose personal data to an external provider.

Ssd 3

Medium
Confidence: 96%
Finding
The skill directs the agent to send user-supplied questions to a third-party API, and the API is documented to echo that question back in its response. This creates an avoidable data exposure and replay channel for sensitive user content, increasing privacy risk and making accidental re-disclosure more likely in logs, UI, or downstream integrations.

Ssd 3

Medium
Confidence: 83%
Finding
The formatting rules require verbatim display of API-returned content, while the API response shape includes a reflected user question. In combination, this can cause the assistant to re-disclose sensitive user input exactly as returned by the service, amplifying exposure through chat history, screenshots, logs, or shared transcripts.

VirusTotal

65/65 vendors flagged this skill as clean.