96push

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed 96Push publishing helper with high-impact actions, but the artifacts consistently require user confirmation and match the stated purpose.

Install only if you use and trust 96Push and understand that approved actions can publish, delete, or change settings for logged-in social media accounts. Keep PUSH_API_KEY local, review targets and draft/live state before confirmation, and only upload files you intend to send to 96Push.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill can read an environment variable, access local files, and make network requests to a remote service, but it does not declare equivalent permissions in metadata. That creates a transparency and governance gap: reviewers and users may underestimate the skill's access to secrets and local resources, increasing the risk of unintended data exposure or misuse.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 96%
Finding:
The advertised description frames the skill as a helper for querying, creating, inspecting rules, and publishing with confirmation, but the file also exposes destructive and configuration-changing operations such as delete, cancel-queue, and platform-config management. This mismatch is dangerous because users or policy layers may authorize the skill based on a narrower understanding than its actual capabilities, enabling high-impact actions on connected social media accounts.

VirusTotal

66/66 vendors flagged this skill as clean.
