ClawHub

Metaso Search V2

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Metaso search connector that sends user queries, chat messages, and requested URLs to Metaso using a user-provided API key.

Install only if Metaso is approved for the data you plan to search or ask about. Use a dedicated API key, avoid sharing secrets, private documents, internal URLs, or regulated data with the tool, and monitor API usage or billing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill declares an environment variable requirement in metadata and documents direct HTTP API usage, but the static finding indicates permissions are not explicitly declared in the skill permission model despite requiring env and network capabilities. This creates a transparency and governance gap: users and platforms may not realize the skill can access secrets and send data externally, increasing the risk of unintended data exposure or overly broad execution in trusted environments.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The tool schema descriptions for includeSummary, includeRawContent, and conciseSnippet contradict the parameter names and the request body actually sent to the external API. This can cause callers or higher-level agents to enable broader content retrieval than intended, creating accidental over-collection or privacy-impacting behavior.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation advertises search, page reading, and chat features but does not clearly warn that user queries, URLs, and message contents are transmitted to an external Metaso service. Without this disclosure, users may provide sensitive prompts, internal URLs, or confidential data under the mistaken assumption processing is local, leading to privacy leakage to a third party.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill instructs users to place an API key in environment variables and configuration files but does not warn against committing those values to source control, sharing config files, or printing them in logs. This omission can lead to credential exposure through screenshots, repos, CI logs, or shared workstation configs, enabling unauthorized use of the external API.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
This module forwards user-provided search queries, page URLs, and chat messages to a third-party service, but the file contains no disclosure, consent flow, or data-handling warning. In a skill context, this can expose sensitive prompts, URLs, or internal data to an external provider without users realizing their data is leaving the local environment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal