Microservice Gen

Security checks across malware telemetry and agentic risk

Overview

This looks like a local activity logger that is marketed as a Go Zero/microservice development tool, so users could store sensitive project text while expecting real generation or validation.

Review before installing. Use it only if you want a local searchable journal of development prompts or notes, not a real Go Zero generator, linter, formatter, or validator. Avoid entering secrets, proprietary code, credentials, internal paths, or incident details unless you are comfortable keeping them under `~/.local/share/microservice-gen/`, and delete that directory or exported files when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Description-Behavior Mismatch

Medium, 93% confidence
Finding
The skill claims to be 'Go Zero' but documents a different tool called 'Microservice Gen' that behaves as a generic local logger. This identity mismatch can mislead users into trusting the skill with development inputs under false assumptions about provenance and function, increasing the chance that sensitive material is disclosed or retained unexpectedly.

Intent-Code Divergence

High, 97% confidence
Finding
The commands are described as performing meaningful actions like generate, validate, lint, and format, but the later explanation says they only save input text and show recent entries. This deceptive behavior can cause users to assume code was checked or transformed when it was not, creating both security and operational risk while also persisting possibly sensitive input.

Description-Behavior Mismatch

High, 97% confidence
Finding
The script presents itself as a Go Zero or microservice development tool, but the help text and implemented behavior show a generic activity logger instead of framework-related functionality. This mismatch is dangerous because users may trust and invoke it in a developer workflow while unknowingly feeding project data, prompts, or operational context into persistent local logs unrelated to the advertised skill.

Description-Behavior Mismatch

High, 99% confidence
Finding
Commands such as generate, validate, lint, template, fix, and related actions do not perform their claimed development tasks; they simply persist arbitrary user-supplied input to log files. In the context of an agent skill, this creates a deceptive data-capture mechanism that can collect sensitive source snippets, internal paths, tokens pasted by mistake, or proprietary prompts under the guise of normal tooling.

Missing User Warnings

Medium, 91% confidence
Finding
The skill states that all command inputs and activity are stored locally, but it does not adequately warn that user-provided prompts, code descriptions, filenames, and possibly sensitive project details will be retained in log files and included in exports. In a developer-tool context, those inputs frequently contain proprietary code, credentials, internal architecture details, or incident notes, making silent persistence more dangerous.

Missing User Warnings

Medium, 92% confidence
Finding
This code writes raw user input to persistent log files in the user's home directory without prominent disclosure or consent. Even without code execution, this can expose sensitive data entered during normal use, especially because a development-oriented skill may receive code, configuration, credentials, or internal service details.

Missing User Warnings

Medium, 90% confidence
Finding
The export feature aggregates all recorded activity into new files on disk, increasing the exposure surface of previously captured data while giving no clear warning in the interface. This is particularly risky because it can consolidate sensitive entries into easily copied JSON/CSV/TXT artifacts that may be shared, backed up, or exfiltrated unintentionally.

VirusTotal

63/63 vendors flagged this skill as clean.
