Perceptron

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Perceptron vision-analysis helper, but users should understand that selected images, videos, URLs, and outputs may go to an external API.

Install only if you are comfortable sending selected visual content and URLs to Perceptron for analysis. Avoid using it on private IDs, receipts, proprietary footage, medical/legal material, or confidential screens without approval. Keep the API key in an environment variable or secret manager, do not hardcode or log it, and avoid exposing raw reasoning traces or detailed model outputs in normal logs or user-facing interfaces.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill explicitly requires an API key, documents network-backed SDK usage, and references a CLI script that can process local files and write batch results to disk, yet it does not declare corresponding permissions. Undeclared network, environment-variable, and file-write capabilities weaken user consent and platform enforcement because operators may not realize the skill can transmit data externally or create output files.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding:
The documentation explicitly advertises a `reasoning=True` mode and shows printing `result.reasoning`, which exposes model chain-of-thought beyond the skill's core image-analysis purpose. Internal reasoning can contain sensitive intermediate inferences, policy-relevant hidden analysis, or prompt-derived artifacts that should not be disclosed to end users, making this a real information-exposure risk.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The documentation says users can pass file paths or URLs directly and use a remote, API-key-backed SDK, but it does not clearly warn that image/video content, URLs, and possibly sensitive visual data are sent to an external Perceptron service for analysis. In a vision skill this omission is especially important because inputs often contain personal, confidential, or regulated information, so users may unknowingly exfiltrate sensitive data to a third party.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The example not only exposes reasoning traces but does so without any warning that `result.reasoning` may reveal sensitive internal deliberation or unsafe hidden analysis. In this skill context, users may process images containing personal, regulated, or safety-sensitive content, so normalizing unrestricted reasoning disclosure increases the chance of leaking internal or sensitive data through logs, UIs, or downstream systems.

VirusTotal

65/65 vendors flagged this skill as clean.