ai-market-report

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent market-report generator that uses public web/App Store searches and creates local report files, with some usability and privacy cautions but no malicious behavior found.

Install only if you are comfortable with the skill sending market-research queries to Apple/Tavily and writing report files under the OpenClaw workspace. Avoid confidential product strategy or private company names in prompts unless approved, review generated sources before relying on the report, and treat generated HTML/PDF as untrusted output from web-derived content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill instructs reading from and writing to fixed workspace paths, but it does not declare permissions or clearly scope those file operations. Undeclared file access reduces transparency and can cause unexpected modification or exposure of user workspace data, especially when outputs are copied into a shared top-level workspace location.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill claims to perform end-to-end external data collection and report generation, but the described behavior in this file only renders an existing Markdown file via a local script. This mismatch is dangerous because users and orchestrators may trust the skill with automation and external research assumptions that are not actually implemented, leading to misleading outputs, unsafe delegation, and incorrect security/privacy expectations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill writes reports to fixed filesystem locations and later copies artifacts into the main workspace without warning the user. Silent file creation in predictable paths can surprise users, overwrite prior artifacts, leak generated content into broader contexts, or expose sensitive report contents to other tools or sessions that can read the workspace.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill description says it uses external services for market-data collection but does not warn that prompts, search terms, or possibly product-related inputs may be sent to third-party providers. Missing disclosure creates privacy and compliance risk because users may provide confidential targets, market strategy, or proprietary company names without realizing this data leaves the local environment.

Missing User Warnings

Low
Confidence
94% confidence
Finding
The skill instructs the agent to copy generated HTML/PDF artifacts into the shared workspace, which creates side effects outside the report-generation directory and may overwrite existing files with timestamp-derived names. Even though the source filenames are generated internally, the behavior still writes files into a broader user-visible area without an explicit confirmation or overwrite-safety check, making it a genuine safety issue.

VirusTotal

64/64 vendors flagged this skill as clean.
