Odoo Manager

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Odoo management skill, but it gives an agent broad authority to change or delete live business records without clear built-in confirmation safeguards.

Install only if you intend to let the agent manage Odoo data. Use a dedicated least-privilege Odoo API key, verify the active URL/database/user before every write or delete, test changes in staging first, avoid broad bulk operations, and clear session context after sensitive work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 84%
Finding
The README explicitly promotes generic create, update, and delete operations against live Odoo business objects, but it does not require confirmation, dry-run behavior, environment safeguards, or warnings about destructive changes. In a skill that supports dynamic instance/database switching and generic ORM access, this increases the likelihood of accidental modification or deletion of production data due to user misunderstanding or mis-targeting.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly advertises destructive capabilities including generic `unlink` and broad CRUD on any Odoo model, but does not require confirmation, scoping, or safety checks before deletion or modification. In an agent setting, this raises the risk of accidental or prompt-induced destructive actions against production ERP data, especially because the skill also supports dynamic switching between instances and databases.

VirusTotal

64/64 vendors flagged this skill as clean.
