ClawHub

TeamApp Admin

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for TeamApp administration, but it gives an agent broad admin-session authority with weak scoping and sensitive session handling.

Install only if you intend to let the agent administer a TeamApp club account. Use a least-privileged admin session, keep TA_AUTH_TOKEN out of chats and logs, manually confirm every write or notification-sending action, restrict wrapper calls to TeamApp URLs, and remove /tmp/teamapp_cookies.txt and /tmp/teamapp_csrf.txt after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
78% confidence
Finding
The documentation extends usage beyond the stated News/Event CRUD and ID-resolution scope by including team and roster targeting fields such as `team[access_level_ids_csv]` and `roster_access_level_id`. Scope expansion is dangerous because it normalizes use of adjacent admin capabilities that may affect authorization and audience targeting, increasing the chance of unintended privileged actions.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill metadata says Access Group support is for resolving IDs needed by other operations, but this file also documents create and update endpoints for access levels. That expands the skill's effective capability beyond its declared scope, increasing the chance an agent could perform unauthorized privilege or visibility changes if it relies on this reference material.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The metadata describes Team support as resolving Team IDs for targeting fields, but the API map includes Team create and update endpoints. This scope drift can cause agents or integrators to invoke higher-risk administrative actions not expected by users or policy, especially in a club admin context.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill tells users to supply `TA_AUTH_TOKEN`, explicitly describing it as a browser-session authentication cookie, without prominent handling warnings. Session cookies are bearer credentials; exposing, logging, reusing, or mishandling them can allow full account takeover for the associated TeamApp admin session.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents notification parameters that can send push and/or email messages to end users, but it does not clearly warn that create/update actions may broadcast content immediately. In an admin context this increases the risk of accidental mass messaging, spam, misinformation, or privacy-impacting disclosures to club members.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal