Security audit

knowledge-health-checker

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local Markdown knowledge-base auditor, but generated reports and repair scripts should be reviewed before opening or running them.

Install only if you are comfortable letting it scan the Markdown folder you point it at and write local report/fix artifacts. Open generated HTML reports cautiously if paths or results could be attacker-controlled, and inspect any generated repair script before running it because it may delete files or rewrite links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to read files, generate reports and fix scripts, and run bundled Python scripts, which implies file_read, file_write, and shell execution capabilities, but it declares no permissions. This mismatch is dangerous because downstream systems or reviewers may assume a lower-privilege, analysis-only skill while the skill can in practice access the filesystem and execute commands against user-supplied paths.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The report generator inserts results['scan_path'] directly into the HTML body without escaping, even though the file defines an escape_html helper specifically for XSS prevention. If scan_path can be influenced by an attacker, opening the generated report in a browser could execute injected HTML or JavaScript, which is especially relevant because this tool produces local HTML reports intended for interactive viewing.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.