Shipping Calc

Security checks across malware telemetry and agentic risk

Overview

This looks like an ordinary shipping calculator, but crafted inputs could make its shell script run unintended local commands: field values are interpolated into the awk program it builds, so a value that contains awk syntax is executed as code rather than treated as a number.

Review or patch the script before installing. It should validate numeric fields and pass values to awk as data, not executable source; avoid using it on shipping details copied from untrusted messages, files, or websites.
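The pattern described above, as an added example rather than the skill's own script: the unsafe version splices user-supplied fields into awk source text, while the hardened version first rejects anything that is not a plain decimal number and then hands the values to awk with -v so they arrive as data. The cost formula (weight times rate plus base fee), the function names and the constructed payload are assumptions for illustration, not taken from the skill.

```shell
#!/bin/sh
# Added example, not the skill's own code. Assumed formula:
# cost = weight * rate_per_kg + base_fee, all three fields user-supplied.

# Vulnerable pattern: the fields become part of the awk program text.
# A "weight" such as   1; print "INJECTED" } BEGIN { 1   is parsed as awk
# code; the same position could just as well call system("...").
cost_unsafe() {
  weight="$1"; rate="$2"; base="$3"
  awk "BEGIN { printf \"%.2f\n\", $weight * $rate + $base }"
}

# Accept only unsigned decimals such as 12 or 12.5; anything else fails.
is_number() {
  printf '%s' "$1" | grep -Eq '^[0-9]+(\.[0-9]+)?$'
}

# Hardened pattern: validate, then pass values as awk variables (-v),
# which awk treats as data and never parses as program source.
cost_safe() {
  weight="$1"; rate="$2"; base="$3"
  for v in "$weight" "$rate" "$base"; do
    is_number "$v" || { echo "rejected non-numeric field: $v" >&2; return 1; }
  done
  awk -v w="$weight" -v r="$rate" -v b="$base" \
      'BEGIN { printf "%.2f\n", w * r + b }'
}

# Demo on constructed inputs: 2.5 kg at 4.00 per kg plus a 1.50 base fee.
cost_safe 2.5 4 1.5                  # 11.50

# The crafted field is executed as awk code by cost_unsafe and rejected
# before awk ever runs by cost_safe.
payload='1; print "INJECTED" } BEGIN { 1'
cost_unsafe "$payload" 4 1.5         # prints 1.00 and then INJECTED
cost_safe "$payload" 4 1.5 || true   # rejected non-numeric field: ...
```

Passing values with -v is the right fix even when the values are numeric, because the validation and the awk call then fail closed independently: a regression in one does not reopen the injection.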

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 88%
Finding
The skill is presented as a shipping cost estimator, but the documented commands expand its scope to package tracking and batch file processing. Capability beyond the declared purpose increases the attack surface and can mislead users or orchestrators into invoking filesystem- or network-relevant behavior they did not consent to under the advertised purpose.

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The documentation frames the skill as a cost estimator, yet it also exposes shipment tracking and batch file processing operations. In agent ecosystems, such scope drift is dangerous because downstream systems may grant trust based on the advertised purpose while the skill performs broader actions involving external lookups or local file handling.

Context-Inappropriate Capability

Low
Confidence: 84%
Finding
Batch file processing is not justified by the stated purpose of estimating shipping costs and introduces a higher-risk input surface. Even without the code shown here, accepting a file as input can lead to unintended reads of sensitive local data, unsafe parsing, or abuse through oversized or crafted files, while users expect only simple calculator behavior.

VirusTotal

61/61 vendors flagged this skill as clean.