An AI-powered tool that turns conversations into polished, structured summary cards by extracting key ideas, action items, and next steps.

Security checks across malware telemetry and agentic risk

Overview

This skill's behavior is consistent with its stated purpose of creating Mew.design summary images, but users should know it asks for an API key and sends summary content to Mew.design.

Install only if you are comfortable using Mew.design for generation. Use a dedicated or revocable Mew.design API key, avoid summarizing highly sensitive conversations, and rotate the key if it was pasted somewhere unintended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill clearly instructs the agent to invoke shell commands, write JSON to /tmp, and make outbound network requests, yet no permissions are declared. That creates a transparency and policy-enforcement gap: a user or host system may believe the skill is low-privilege when it actually performs code-execution-capable actions and exfiltrates conversation content to an external service.

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
The description suggests a local install/use flow for a summary-image skill, but the body also collects credentials, validates them, builds request payloads, and transmits data to a third-party API. This mismatch can mislead users about what the skill will do and reduce informed consent for secret handling and external data transfer.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The install trigger examples are broad enough to match common conversational requests, which increases the chance of accidental invocation. In this skill, accidental invocation is more concerning because it leads quickly into credential collection and external network actions.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The primary invocation phrase is a broad natural-language expression that could be triggered in ordinary discussion. Because the skill requests an API key and performs remote calls, loose triggering increases the risk of unexpected sensitive workflows starting without deliberate user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill asks the user to paste an API key directly into chat and says it will be reused, but provides no clear warning that this is sensitive credential material or that it will be used for outbound requests. This increases the risk of inadvertent credential exposure in chat logs, transcripts, memory, or downstream tools.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to have users paste an API key into chat and then use that credential in subsequent steps. Secrets entered into conversation channels are at higher risk of retention in logs, memory, model context, screenshots, and unintended replay, making credential compromise materially more likely.

Ssd 3

Medium
Confidence
95% confidence
Finding
Reusing the same validated API key throughout the conversation encourages persistent retention of a secret in active context. That expands the attack surface for accidental disclosure through later prompts, debugging, summaries, or tool invocations that can access prior chat state.

External Transmission

Medium
Category
Data Exfiltration
Content
Then generate the image through the official Mew design API:

```bash
curl -sS -X POST "https://api.mew.design/open/api/design/generate" \
  -H "Content-Type: application/json" \
  -H "x-api-key: USER_PROVIDED_KEY" \
  --data @/tmp/chat-summary-body.json
```
Confidence
90% confidence
Finding
curl -sS -X POST "https://api.mew.design/open/api/design/generate" \ -H "Content-Type: application/json" \ -H "x-api-key: USER_PROVIDED_KEY" \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
Then generate the image through the official Mew design API:

```bash
curl -sS -X POST "https://api.mew.design/open/api/design/generate" \
  -H "Content-Type: application/json" \
  -H "x-api-key: USER_PROVIDED_KEY" \
  --data @/tmp/chat-summary-body.json
```
Confidence
90% confidence
Finding
https://api.mew.design/

VirusTotal

66/66 vendors flagged this skill as clean.
