ClawHub

Godot MCP Integration

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate Godot automation skill, but it gives AI clients broad project-editing and deletion power without enough documented safety controls.

Install only if you are comfortable letting an AI client control and modify your Godot project through a local MCP server. Prefer project-level configuration, review and pin the external plugin source, keep the project in version control, disable auto-start when not needed, and require explicit approval before file deletion, script overwrites, scene saves, or bulk edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly advertises capabilities to read, write, delete, and modify project/editor state, but it does not provide any safety boundaries, confirmation requirements, or warnings about irreversible changes. In an MCP context, these operations are especially sensitive because an AI client may invoke them directly, leading to accidental code changes, asset loss, or project corruption from ambiguous or prompt-injected instructions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The examples normalize persistent and potentially destructive operations such as writing scripts, modifying scenes, and saving changes without showing any caution, preview, or approval step. This increases the chance that downstream agents or users treat these actions as routine and execute them automatically, which is dangerous in a toolchain that can directly alter project files and editor state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal