Security audit

能源电力采招分析仪-电力招标网

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed procurement-analysis API helper, but its documented data access is broader than its energy-power description and includes project contact lookup without enough scoping guidance.

Review before installing. This skill may be appropriate for legitimate procurement and energy-market analysis, but install it only if you are comfortable using a third-party API key and sending procurement, company, product, and market queries to the vendor. Treat returned contact data as sensitive business information, avoid unsolicited outreach or profiling, and manually constrain searches to the intended energy/power scope.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Context-Inappropriate Capability

Medium (89% confidence)

The skill advertises `get_company_contacts`, which enables retrieval of project contact information unrelated to the stated purpose of bid concentration analysis. Exposing contact lookup in a broadly callable skill increases the risk of unnecessary collection of personal/business contact data, enabling targeted outreach, profiling, or misuse beyond the user’s analytical need.

Description-Behavior Mismatch

Medium (92% confidence)

The documented APIs provide broad procurement and market-intelligence functionality across many industries, while the skill manifest claims a narrower energy/power bid analysis purpose. This scope mismatch increases the risk of overbroad data access and misuse because an agent triggered for energy-related queries could still invoke generic market-analysis capabilities outside the user's expected context.

Context-Inappropriate Capability

Medium (95% confidence)

The file exposes cross-industry intelligence features such as top purchasers, suppliers, brands, aggregation, and price trends using examples from AI, servers, and medical devices, which materially exceeds the stated energy/power-only purpose. In an agent setting, this can enable unauthorized competitive intelligence collection or policy bypass by repurposing the skill for unrelated sectors.

Description-Behavior Mismatch

Medium (90% confidence)

The API documentation exposes a generic procurement-search surface that substantially exceeds the skill's declared energy/power analysis scope. This scope drift can enable unintended use cases, weaken policy enforcement, and make it easier for an agent to retrieve and act on unrelated market intelligence outside the approved domain.

Missing User Warnings

Medium (83% confidence)

The documentation explicitly instructs the agent to automatically expand a user's input from a shorthand company name to all matching headquarters and subsidiaries, then use the full set for downstream analysis without user confirmation. This can cause over-collection and analysis of entities the user did not intend, creating scope creep, privacy concerns, and a risk of misleading or excessive data retrieval in a procurement-analysis context.

Missing User Warnings

Medium (91% confidence)

The contacts endpoint exposes project contact information, including names, partially masked phone numbers, role information, and links to related bid records, but the documentation provides no privacy, sensitivity, or acceptable-use guidance. In this skill's procurement and bidder-analysis setting, such data could be aggregated for profiling, unsolicited outreach, or social engineering against tender participants and company staff.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.