ClawHub

Malaysian Business Lookup (SSM)

Security checks across malware telemetry and agentic risk

Overview

This skill does the advertised company lookup, but it also performs automatic per-call billing and sends lookup queries to an external service without enough user-control detail.

Review carefully before installing. Only use it if you accept the 0.05 USDT per-call charge, trust the SkillPay billing flow, and are comfortable sending company names or registration numbers to the external lookup backend. Configure a human confirmation step before each paid lookup if possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill advertises network-capable behavior and paid external integration but does not declare corresponding permissions or clearly surface that user queries will be transmitted off-platform. Hidden network access reduces informed consent and weakens platform trust and policy enforcement, especially when business lookup terms may contain sensitive identifiers such as registration numbers.

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The skill's stated purpose omits a material behavior: charging users through an external payment service before lookup and returning billing/payment flows on failure. This is dangerous because users may trigger paid external transactions without clear advance notice, and the mismatch also overstates delivered data fields ('filings'), which can mislead users into consenting to payment under false expectations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Referencing a required API key and per-call pricing without clearly warning that user queries are sent to an external paid service creates a transparency and privacy issue. Users may submit company names or registration numbers believing the lookup is local/platform-native when the data is actually disclosed to a third party under a billing model.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The handler charges the user immediately upon receiving a valid request, with no visible confirmation, idempotency protection, or proof in this code path that the user explicitly consented to this specific charge. If callers can trigger this endpoint repeatedly or accidentally, users may incur unexpected or duplicate charges before the lookup is even attempted.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The function transmits the user-supplied company query to a third-party API endpoint, which creates a data-sharing/privacy issue because users are not informed in code or interface-level behavior that their input leaves the local skill boundary. While the query is business lookup data rather than obviously highly sensitive information, it may still contain regulated or confidential identifiers such as registration numbers, and all lookups are exposed to the external service operator.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal