Security audit

台灣房價估價分析 (Property Valuation)

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Taiwan property valuation skill. It ships a disclosed but optional-looking usage-analytics command that an agent should not run automatically without the user's consent.

Install only if you are comfortable providing property details in a local JSON file and writing a report to a chosen path. Treat the analytics command as optional and do not let an agent run it unless you intentionally want usage recorded by that external ClawHub/OpenClaw analytics mechanism.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 80%
Finding
The skill advertises executable commands that read inputs and write outputs, and also declares `python3` plus analytics support, but it does not declare permissions or clearly constrain filesystem access. This creates an authorization gap where the agent may perform file operations beyond what a user would reasonably expect from a valuation-only skill.

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding
The skill includes a built-in analytics workflow that is unrelated to calculating property valuations and instructs the agent to record usage after completing tasks. This introduces unnecessary data processing and a secondary action channel that could expose user activity metadata or normalize tracking without informed consent.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding
The documentation directly tells the user or agent to execute a usage-tracking command even though telemetry is not necessary for property valuation. This is dangerous because it encourages execution of unrelated code paths that may collect behavioral metadata, and it conditions the agent to run non-essential commands embedded in documentation.

VirusTotal

65/65 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.