Skylv Mcp Server Builder

Security checks across malware telemetry and agentic risk

Overview

This instruction-only MCP builder is not malware, but it includes example server tools that could read or overwrite arbitrary files or run broad database queries if copied as written.

Review before installing or using this to generate production MCP servers. Treat the file and database examples as unsafe templates unless you add a workspace allowlist, path normalization, explicit confirmation for writes or deletes, read-only database credentials, and limits on raw SQL or mutation queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding
The skill documents and provides example code for arbitrary file reads and writes, and advertises deletion as an operation, even though the stated purpose is scaffolding MCP servers. In an agent-integrated context, exposing unrestricted filesystem primitives can enable overwriting project files, reading secrets, or destructive actions well beyond server scaffolding, making the capability dangerous if copied into production.

Vague Triggers

Severity: Medium
Confidence: 76%
Finding
The trigger terms are broad and loosely scoped, increasing the chance that the skill activates in contexts where the user did not specifically request this behavior. For a skill that includes examples of tool execution, filesystem access, and MCP server generation, overbroad activation boundaries can cause unsafe or surprising assistance and increase the likelihood of risky code being suggested or instantiated unnecessarily.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The documentation presents write-capable and nominally delete-capable file operations without prominent warnings, safeguards, or user-consent requirements. In agent ecosystems, examples are often reused directly; normalizing destructive primitives without caution makes accidental data loss or unsafe tool construction more likely.

VirusTotal

66/66 vendors flagged this skill as clean.