ClawHub

Doge Oss Upload

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward DogeCloud OSS uploader, with the main risk being that files uploaded through it may become publicly accessible.

Before installing, confirm you are comfortable giving the skill DogeCloud credentials and letting it upload selected local files to a remote OSS bucket. Do not use it for secrets, private documents, personal data, or internal artifacts unless the bucket/object visibility matches your intended sharing model.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill clearly requires access to environment variables for cloud credentials and network access to request temporary tokens and upload files, but it does not declare any permissions for those capabilities. This creates a transparency and policy-enforcement gap: a runner or reviewer may approve the skill without realizing it can read secrets from the environment and exfiltrate local files to a remote service.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly describes uploading local files to a public OSS destination and returning a public access link, but it does not warn users that uploaded content may become publicly reachable and should not include secrets, personal data, or other sensitive material. In an agent skill context, this omission is more dangerous because users may treat file-upload automation as routine and unintentionally expose screenshots, documents, or local artifacts to the internet.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal