Missionclaw

Security checks across malware telemetry and agentic risk

Overview

This MissionClaw skill appears purpose-aligned, but it can make persistent project, agent, and scheduled-task changes through a local API without enough scoping or confirmation detail.

Review this before installing if your MissionClaw workspace contains sensitive projects or controls agent automation. Only use it with a trusted local MissionClaw instance, confirm exactly what data each command sends, and check that created projects, assignments, and scheduled tasks can be listed, audited, and removed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill advertises network access to a localhost API and operational capabilities, but does not declare permissions or boundaries for those actions. Missing permission disclosure makes it harder for users or the platform to assess what the skill can reach and increases the risk of unintended local service interaction.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation language is broad and overlaps with many ordinary user requests such as creating projects, managing tasks, or scheduling work. Overbroad triggering can cause the skill to activate in contexts the user did not intend, leading to unsolicited API calls or modifications in the local MissionClaw instance.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill promotes cron-based scheduling and one-click execution without warning about persistence, repeated execution, or operational side effects. Scheduled tasks can create ongoing actions on the host or connected systems, so omitting safety guidance increases the chance of accidental or abusive automation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill sends user-supplied project details to an external HTTP service at the point of `/mc create` without any user-facing disclosure or confirmation. This is risky because project descriptions may contain sensitive business information, and the default endpoint uses unencrypted `http://localhost:3000`, which further increases exposure if the service is remote, proxied, or misconfigured.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The command descriptions are overly broad ('Send project to MissionClaw team') and do not define what data may be sent, under what conditions, or any approval boundaries. In a skill that integrates with project management and agent orchestration over a local API, this ambiguity can cause users or higher-level agents to invoke the command on sensitive project data without clear scope, increasing the risk of unintended data disclosure or unauthorized task creation.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: missionclaw
description: >
  Integrates with MissionClaw for project management and AI agent orchestration. Use when the user wants to create projects, manage tasks via Kanban, assign work to agents, view organization charts, or schedule automated tasks. Calls the MissionClaw API at http://localhost:3000.
---

# MissionClaw Skill
Confidence
81% confidence
Finding
create projects, manage tasks via Kanban, assign work to agents, view organization charts, or schedule automated tasks. Calls the MissionClaw API at http://localhost:3000. --- # MissionClaw Skill Th

VirusTotal

59/59 vendors flagged this skill as clean.
