Chemical Storage Sorter

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it overstates chemical safety and compliance capabilities while using a simple, error-prone local classifier.

Install only as a rough educational or inventory-drafting aid. Do not use it as the basis for real lab storage, inspections, relocation, or training unless every result is verified against SDS documents, institutional EHS rules, authoritative compatibility charts, and qualified safety personnel. Review any file reads or writes the agent proposes, because the skill can work with local inventory files despite saying otherwise.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium (97% confidence)
Finding
The documentation states there is no file system access, yet the skill includes example code that opens and reads a local inventory file. This creates a misleading security posture: users may grant or run the skill under incorrect assumptions about disk access, which can affect trust, sandboxing decisions, and review outcomes.

Intent-Code Divergence

Medium (97% confidence)
Finding
The CLI compatibility-check path is implemented incorrectly: when `--check` is used, the code compares `args.chemicals or ""` against `args.check`, so invoking `--check` alone silently checks an empty string against the provided chemical. In a lab-safety tool, this can produce misleading 'compatible' output and unsafe storage decisions because users may believe they validated two chemicals when they did not.

Missing User Warnings

High (94% confidence)
Finding
This skill provides storage-safety guidance for hazardous chemicals using simple substring heuristics and fixed groups, but it does not warn users that the results are incomplete and must not be used as the sole basis for laboratory storage decisions. In this context, the omission is dangerous because misclassification or over-trust could lead to incompatible chemicals being stored together, causing fire, toxic gas release, or other serious lab incidents.

VirusTotal

66/66 vendors flagged this skill as clean.
