CCPA-Compliance (CCPA Compliance Tool)

Security checks across malware telemetry and agentic risk

Overview

This is a local CCPA/CPRA helper with no evidence of data theft or destructive behavior, but it overstates its compliance and safety results in ways users should review carefully.

Install only if you understand this as a local checklist/report generator, not a real legal compliance verifier. Do not rely on its pass/fail output for CCPA/CPRA decisions without independent review, and avoid putting sensitive personal or business details into generated reports unless you can protect the local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (9)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
for cmd in test_commands:
    try:
        result = subprocess.run(
            cmd,
            capture_output=True,
            text=True,
Confidence
92% confidence
Finding
result = subprocess.run( cmd, capture_output=True, text=True, timeout=10

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
In non-interactive mode, the tool unconditionally marks every compliance check as PASSED with a default score, despite claiming to perform a CCPA/CPRA compliance assessment. This can mislead users into believing they are compliant when no factual evaluation occurred, creating significant legal, operational, and privacy risk if the report is relied upon for decision-making.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The header and documentation describe the script as a compliance checking tool, but the implemented behavior does not substantively verify compliance and instead auto-passes checks. This mismatch is dangerous because users may place unwarranted trust in the output, especially in a regulatory context where inaccurate assessments can lead to statutory violations and enforcement exposure.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
Interactive mode treats nearly any non-trivial user response as a passed check, rather than validating the substance of the answer against CCPA/CPRA requirements. This creates a false sense of assurance and enables inaccurate compliance reports based on arbitrary or incomplete text input.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The CLI exposes opt-out types such as 'sharing' and 'marketing', but the generated results dictionary never defines the corresponding keys and later indexes them directly. An attacker or ordinary user can trigger a runtime KeyError with valid advertised input, causing a denial of service for the check workflow and undermining the reliability of compliance reporting.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
A security-check utility is expected to inspect files, not execute other project code. By launching ccpa-check.py, this file performs behavior outside a narrow local compliance scan and could run arbitrary logic embedded in that secondary script, undermining the claimed safety boundary.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The file claims to verify 'security' and 'pure local operation', but the implementation relies on keyword heuristics and still executes another script. This mismatch can mislead users into over-trusting the checker and installing or running a skill that has not actually been proven safe.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The tool saves audit details and potentially sensitive user responses to disk without an explicit warning, consent flow, data minimization, or storage protection guidance. In a privacy-compliance context, the saved report may itself contain sensitive operational or personal information, increasing exposure if written to insecure locations or retained too long.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script invokes a subprocess without an explicit user-facing warning or confirmation, despite being framed as a safety tool. In this context, silent execution increases the chance that a reviewer will run untrusted code unintentionally while expecting passive analysis only.

VirusTotal

64/64 vendors flagged this skill as clean.
