Data Governance

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed data-governance helper that connects to user-specified databases to inspect schemas and selected table data, with no evidence of hidden execution, exfiltration, mutation, or persistence.

Install this only for databases you own or are authorized to inspect. Use a dedicated read-only database account scoped to the needed tables, avoid putting real passwords in command-line connection strings, and review generated reports before sharing because they may contain schema names, sensitive field names, or sampled data-derived quality findings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill documentation instructs users to set database credentials via environment variables, install packages, and run scripts that connect to databases, but the skill does not declare corresponding permissions. Undeclared access to env, file writes, and network/database connectivity reduces transparency and can lead to unexpected credential use or data access in environments that rely on permission declarations for trust and sandboxing.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill is presented as a data governance and asset-management helper, but its usage instructions show direct database access and possible reading of schema and table data without clearly disclosing that behavior in the description. This mismatch is dangerous because users may invoke the skill expecting advisory/reporting behavior while actually granting it access to sensitive production data, increasing the risk of unintended exposure or over-privileged execution.

VirusTotal

61/61 vendors flagged this skill as clean.