Mysteel_ReportWrite

Security checks across malware telemetry and agentic risk

Overview

This skill coherently generates Mysteel commodity reports, but users should understand that it stores a Mysteel API key locally and sends report prompts to Mysteel.

Install only if you are comfortable storing a Mysteel API key in a local markdown file and sending report prompts to Mysteel. Avoid confidential business details unless that data sharing is acceptable, and remove or rotate the key if the workspace is shared or synced.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill requires file reads of a local credential file and network access to a third-party API, but these capabilities are not explicitly declared as permissions. That creates a transparency and governance gap: an agent may perform sensitive file and outbound network operations that users or platform policy do not expect or approve.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 88%
Finding: The skill description overstates what the skill does and omits important behavior: it depends on a local API key file, invokes an external service, and returns an outline rather than directly producing a full report from an internal data source. Misrepresenting behavior is security-relevant because it prevents informed consent and can hide data flow to third parties.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding: The skill instructs the agent to use shell execution to run a Python script with user-influenced input. Even if the shown command is simple, introducing exec_shell greatly expands the attack surface to command injection, unsafe argument handling, environment abuse, and execution of modified local scripts.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding: The skill directs the agent to write user-provided API keys into a local file, creating a credential persistence mechanism unrelated to the core reporting task. Storing secrets in workspace files increases the risk of accidental disclosure, reuse by other tools, leakage via logs/versioning, and unauthorized local access.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill tells the agent to store a user-provided API key locally without warning about the security consequences of persistent secret storage. This is dangerous because users may unknowingly expose credentials to other local processes, future sessions, backups, repository sync, or accidental disclosure through tooling.

VirusTotal

66/66 vendors flagged this skill as clean.