Semantic Hub

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Semantic Hub integration, but its privacy disclosures understate that agents can upload file contents and receive member email data.

Install only if you are comfortable giving an agent a scoped Semantic Hub API key that can create and update shared task data, post comments, upload files, attach URLs, and view member emails on authorized boards. Treat uploaded files, card text, comments, assignees, member emails, and attachment metadata as data shared with Semantic Hub despite the current privacy wording, and require explicit review before uploads or important board changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Intent-Code Divergence

Severity: Medium
Confidence: 97%
Finding: The privacy claims are materially inconsistent with the documented upload API. The skill explicitly supports multipart file upload, which necessarily transmits file contents to the remote service, so telling users that file contents are never transmitted can mislead them into exposing sensitive data under false assumptions.

Intent-Code Divergence

Severity: Medium
Confidence: 96%
Finding: The document states that no personal information of any kind is sent, but other sections show member emails and assignee emails being returned and processed. This contradiction can cause users or downstream agents to underestimate the privacy implications of using the skill and disclose personal data without informed consent.

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding: The manifest makes categorical privacy claims that no personal information is transmitted, yet the documented API clearly returns member email addresses and accepts emails in assignee/filter fields. This creates a misleading data-handling representation that can cause operators to over-trust the integration and expose user identity data where they believed none would be processed.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill offers file upload and attachment workflows without an explicit user-facing warning that file contents leave the local environment and are hosted remotely. In an agent context, this increases the risk of accidental exfiltration of sensitive local files because the action appears routine unless the documentation clearly flags the data transfer boundary.

Missing User Warnings

Severity: Low
Confidence: 88%
Finding: Listing board members exposes email addresses, which are personal data, but the skill does not clearly warn that using this endpoint may reveal other users' identities. While this is somewhat expected in a collaboration tool, the missing disclosure can still lead to unnecessary collection or display of personal information by an agent.

VirusTotal

65/65 vendors flagged this skill as clean.