Contactor

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local equipment-entry logger presented as a contactor/starter selection and status tool, which creates a misleading safety and persistence risk.

Install only if you intend to use this as a local note/config logger, not as a real contactor or starter status checker. Review where it writes data, what remove/export/config do, and avoid entering sensitive operational identifiers unless you are comfortable with them being stored locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium, 92% confidence
Finding
The script’s advertised purpose is contactor/starter selection and status checking, but the implemented behavior is a generic local logger and config store. This mismatch is security-relevant because users may provide operational or sensitive equipment data under false assumptions, causing unintended collection and persistence of data outside the stated tool purpose.

Intent-Code Divergence

Medium, 88% confidence
Finding
The 'status' command implies checking real contactor status, but it only prints script version, storage path, entry count, and disk usage. In this skill context, that is misleading and may cause operators to trust a nonfunctional status check, creating unsafe decisions based on absent or fake equipment visibility.

Missing User Warnings

Medium, 88% confidence
Finding
The command list includes potentially destructive or file-affecting actions such as add, remove, export, and config, but the skill provides no warnings about data persistence, overwriting, deletion, or where files are written. In an agent setting, omitted warnings make it easier for a model or user to trigger local state changes unintentionally and harder to assess operational risk before execution.

Missing User Warnings

Medium, 95% confidence
Finding
User-supplied values are appended directly to a persistent file in the user’s home directory without warning, consent, retention policy, or access controls. In a tool presented as an industrial selection/status utility, users may enter device identifiers, configuration details, or other sensitive operational data that then remains on disk unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.
