Commute Traffic

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do real commute traffic lookups, but its instructions can lead an agent to place user-provided locations directly into a shell command.

Install only if you are comfortable sending route locations to TomTom and can ensure the agent invokes the helper with safely separated arguments rather than interpolating raw user text into a shell command. Be cautious with vague prompts like “Should I leave now?” if the agent may infer home or work addresses from memory or prior chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill invokes a Python script that uses an API key from the environment and performs external TomTom API calls, but the skill does not declare explicit permissions for those capabilities. Undeclared env and network access reduces transparency and weakens policy enforcement, making it easier for a seemingly simple skill to access secrets or send data off-box without clear approval boundaries.

Vague Triggers

Medium
Confidence: 88%
Finding: The invocation description is broad and maps to common everyday phrases like 'Should I leave now?' or 'What's the commute like?', which increases the chance the skill is triggered in ambiguous situations. Over-broad triggering can cause unintended execution, unnecessary network requests, and leakage of contextual location information if the agent infers origin/destination from prior conversation without sufficiently explicit user intent.

VirusTotal

66/66 vendors flagged this skill as clean.
