ClawHub

Global Model Price Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a small pricing viewer with an optional command that edits OpenClaw model configuration, and the sensitive behavior is disclosed and purpose-aligned.

Install only if you are comfortable with a skill that contacts palebluedot.ai for public pricing and, when you run enable, edits your OpenClaw configuration. Review the generated backup if model behavior changes unexpectedly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises itself as a simple pricing viewer, but the documented behavior includes network access and modification of local configuration without declaring permissions. Undeclared file and network capabilities reduce transparency and prevent informed user consent, which is a real security issue even if the intended function is not overtly malicious.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
There is a significant mismatch between the stated purpose and the reported behaviors: beyond showing pricing, the skill classifies user tasks, gives model-selection guidance, and alters local configuration with backups and fallback entries. This hidden or under-disclosed functionality increases the risk of unauthorized configuration changes and makes the skill harder for users and reviewers to trust safely.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation says the enable command writes to ~/.openclaw/openclaw.json, but it does not clearly warn the user that invoking the command modifies a local file. Silent or poorly disclosed file writes can lead to unintended persistence, configuration tampering, or accidental breakage of the user's environment.

VirusTotal

48/48 vendors flagged this skill as clean.

View on VirusTotal