Signus Signature Generator

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but its file-writing boundary is weaker than disclosed and should be reviewed before use.

Install only if you are comfortable sending the requested signature name or initials to Signus and storing generated files locally. The maintainer should add path containment checks, stronger filename sanitization, ZIP entry validation, size limits, and an explicit third-party data-sharing notice before broad use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 86%
Finding
The skill explicitly instructs execution of a Node.js script that performs outbound requests to a remote API, yet no permissions are declared. That mismatch is a real security governance issue because it hides network capability from reviewers and policy enforcement, making data egress and external dependency use less visible and less controllable.

Missing User Warnings

Medium
Confidence: 96%
Finding
The script transmits user-supplied identity data such as name, firstName, lastName, or initials to an external Signus API without any built-in notice, consent check, or minimization. In an agent skill context this is a real privacy/security issue because personally identifying information is exfiltrated off-platform to a third party, and users may not realize that requesting a signature image causes their identity data to be sent externally.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill writes remote content returned by the Signus service directly to the local filesystem and then extracts ZIP content into a user-accessible media directory, without validation of the archive contents or any user warning. This is dangerous because untrusted remote files can persist locally, consume disk space, or, if the ZIP library permits path traversal or symlink abuse, overwrite files outside the intended directory.

VirusTotal

66/66 vendors flagged this skill as clean.