ClawHub

amath skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Socthink math-learning integration, with expected API, login, token, quiz, and setup behavior disclosed across the artifacts.

Install only if you are comfortable letting the skill contact Socthink and handle Socthink account tokens. Avoid putting long-lived tokens in .env on shared machines, prefer explicit per-command tokens where practical, and inspect the OpenClaw installer before running the documented curl | bash command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill declares no permissions, yet its documented tooling invokes a local script and interacts with an external service, implying environment and network capabilities beyond what is transparently disclosed. This weakens the trust boundary for users and reviewers, because the skill can access external resources and runtime state without explicit permission declarations.

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The documented description presents the skill as a product demo for curriculum, tutoring, and quiz flows, but the underlying behavior includes authentication, profile access, bearer-token storage/inspection/clearing, session retrieval, answer submission, and quiz history access. This mismatch is security-relevant because it obscures sensitive account and session operations from users and reviewers, increasing the risk of credential misuse, unauthorized data access, and over-collection of user data.

External Script Fetching

High
Category
Supply Chain
Content
官方最短路径:

```bash
curl -fsSL https://openclaw.ai/install.sh | bash
openclaw onboard --install-daemon
openclaw gateway status
openclaw dashboard
Confidence
98% confidence
Finding
curl -fsSL https://openclaw.ai/install.sh | bash

Chaining Abuse

High
Category
Tool Misuse
Content
官方最短路径:

```bash
curl -fsSL https://openclaw.ai/install.sh | bash
openclaw onboard --install-daemon
openclaw gateway status
openclaw dashboard
Confidence
97% confidence
Finding
| bash

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal