statsfm

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal stats.fm analysis helper that queries a music-data API, with privacy and usage caveats but no artifact-backed malicious behavior.

Install only if you are comfortable with the agent querying api.stats.fm for music-listening analytics. Prefer providing the username intentionally, be aware that timezone and listening-query context may be included in requests, and ask the agent to limit follow-up calls if you want tighter privacy or rate control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill documentation indicates network and environment-backed capabilities but does not declare corresponding permissions. That creates a transparency and governance gap: users and reviewers cannot accurately assess what data may be accessed or transmitted, especially when personal stats queries depend on stored usernames and remote API access. In a skill ecosystem, undeclared capabilities are dangerous because they bypass least-privilege review and make downstream misuse harder to detect.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The client sends user identifiers, listening-history queries, and in several call paths the host's local timezone to a third-party service without any explicit user-facing notice or consent mechanism. In a skill context, this can surprise users and leak behavioral/profile metadata beyond what the manifest description clearly discloses, especially when using STATSFM_USER from the environment by default.

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
## How to Be Good at This

This skill is worthless if you call one command and dump the output. Music is personal. Your job is to investigate, find the story in the data, and tell it back. You're a music analyst with unlimited API calls — act like it.

### Core principles
Confidence
81% confidence
Finding
unlimited API calls

Unbounded Resource Access

Medium
Category
Excessive Agency
Content
## How to Be Good at This

This skill is worthless if you call one command and dump the output. Music is personal. Your job is to investigate, find the story in the data, and tell it back. You're a music analyst with unlimited API calls — act like it.

### Core principles
Confidence
86% confidence
Finding
unlimited API calls

VirusTotal

63/63 vendors flagged this skill as clean.
