ClawHub

Signus Font Signature

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly purpose-aligned, but it needs review because it sends identity text to Signus and can write generated files outside its promised output folder with path-like input.

Review before installing. Use only ordinary names or initials, avoid path-like input, and install only if you are comfortable sending that identity text to Signus and keeping generated signature images on disk. The publisher should add explicit permission metadata and enforce resolved-path containment under the intended output directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill explicitly performs outbound network access to `https://api.signus.ai`, but the metadata shown does not declare corresponding permissions. Undeclared capabilities are dangerous because they weaken operator visibility and policy enforcement, making it easier for a skill to exfiltrate data or access remote services without clear authorization boundaries; the fixed host reduces scope somewhat, but does not remove the governance risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends user-provided identity data such as name, initials, or derived first/last name to an external API, but the code contains no consent gate, disclosure, or minimization step before transmission. In a skill that handles personal signature generation, this is privacy-relevant because users may not realize their identifying data is being sent to a third-party service and potentially logged or retained there.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script stores generated signature images and extracted archive contents under the user's home directory without any explicit notice, opt-in, or cleanup behavior. Because signatures are sensitive biometric-style personal artifacts, persisting them locally can expose users to unintended disclosure through backups, shared accounts, or later local compromise.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal