ClawHub

X-VPN MCP Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent VPN helper skill, but users should review the remote installer and understand that VPN use can temporarily route their machine traffic through another region.

Install only if you trust X-VPN and are comfortable with a local VPN daemon and MCP configuration changes. Prefer inspecting the installer before running it, and remember that while connected, traffic from the machine may route through the selected VPN region until the agent disconnects or restores the prior state.

Publisher note

This skill for X-VPN MCP server, when no X-VPN MCP client present in user's environment, the skill provides a official install shell command for the user.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to suggest executing a remote installer directly via `sh <(curl ...)`, which downloads and runs code from the network in a single step with no integrity verification, provenance validation, or explicit safety warning. In this skill’s context, that is especially risky because it is positioned as the default remediation when tools are unavailable, increasing the chance an agent relays an unsafe command to a user during normal task flow.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs the agent to change the user's network egress and retry requests, which can affect privacy, routing, latency, account behavior, and what content is observed. Although the document later acknowledges some risks and recommends restoring prior egress, the cited section encourages operational VPN switching before any explicit upfront consent/warning flow, so the user may be impacted without a clear, informed prompt at the point of action.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal