patent-transaction

Security checks across malware telemetry and agentic risk

Overview

This patent marketplace skill mostly does what it says, but it silently tries to install a Python package and does not clearly warn users about sensitive business queries and exports.

Install only if you are comfortable sending patent search terms, deal lookups, and due-diligence activity to trade.9235.net with a configured token. Use it in an approved environment, review where exports are stored, and prefer a version that declares openpyxl as an install-time dependency or asks before installing packages at runtime.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding
The file automatically installs openpyxl at runtime by invoking uv/pip, which expands the skill's capabilities beyond export logic into software modification of the host environment. In an agent/skill setting, silent package installation can introduce supply-chain risk, alter execution environments unexpectedly, and violate least-privilege expectations for a patent marketplace tool.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The README instructs users to configure a token and use commands that query a third-party endpoint, but it does not disclose that search terms, deal lookups, and due-diligence-related inputs are transmitted to an external service. In this business context, those queries can reveal confidential acquisition interest, licensing strategy, or targets under evaluation, creating a real privacy and confidentiality risk even if the API itself is legitimate.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
The trigger phrases are broad generic terms such as patent listing, licensing, and procurement, which can cause the skill to activate in contexts where the user did not intend to invoke a transaction workflow. Unintended activation can lead to unnecessary external API calls, exposure of query terms to a third-party service, or accidental export/download actions in a marketplace context.

Missing User Warnings

Severity: Low
Confidence: 90%
Finding
The skill advertises export and export_orders commands but does not clearly warn that they generate downloadable Excel files containing search results or transaction records. Users may unknowingly create local files with potentially sensitive commercial research, procurement interests, or deal-history data, increasing the risk of inadvertent disclosure or mishandling.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The code performs package installation without any user-facing consent, confirmation, or administrative gate. In this skill context, exporting data does not justify silently changing the system state, so the behavior is more dangerous because it is unexpected and could be abused in restricted or production environments.

VirusTotal

VirusTotal findings are pending for this skill version.
