Coc Keeper

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent tabletop game assistant that reads and writes local campaign files for gameplay, with some ordinary file-handling cautions but no evidence of malware or hidden data theft.

Install only if you are comfortable with the agent reading your scenario and character files and saving local campaign notes. Use a dedicated game folder, avoid path-like character or module names, review any prompt before clearing an existing folder, and delete game_state.md or the campaign folder when you no longer want the session retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 82%
Finding: The skill instructs the agent to read and write arbitrary files in the workspace (`pl/`, `kp/`, `skills` directories) and to clear existing folders, but it declares no permissions or safety boundaries. That creates a real capability-governance issue: users and host systems cannot reliably constrain or audit file access, and destructive actions like wiping an existing module folder could affect unrelated data if path handling is loose.

Context-Inappropriate Capability

Severity: Low
Confidence: 83%
Finding: Batch processing accepts attacker-controlled player names and uses them to build output filenames without sanitization. If this skill is run on untrusted input, a crafted player name containing path separators or special path components could cause files to be written outside the intended output directory or overwrite unexpected files.
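The two file-handling findings above (loose path handling when clearing a module folder, and player names joined straight into output filenames) share one root cause and one fix: treat every name that comes from a scenario file or batch input as untrusted, reduce it to a single safe path component, and re-check that the resolved path still sits inside the dedicated campaign folder before writing to it or deleting it. The following is an added example written for this page; it is not code from the skill or from SkillSpector. The sample names, the allow-list policy in `sanitize_name`, and the helper names `confined_path` and `module_dir_to_clear` are all assumptions made for illustration.

```python
"""Unsafe vs. hardened handling of untrusted names used to build campaign file paths."""
import os
import re
import tempfile
from pathlib import Path

# Constructed sample inputs of the kind a batch run might receive as player names.
SAMPLE_PLAYER_NAMES = [
    "Harvey Walters",                   # benign
    "../../.ssh/authorized_keys",       # traversal out of the output directory
    "notes/../../etc/passwd",           # traversal hidden behind a plausible prefix
    "C:\\Users\\victim\\Desktop\\x",    # Windows-style separators
    "..",                               # nothing usable once sanitized
]


def unsafe_output_path(out_dir: str, player_name: str) -> str:
    """The weak pattern the finding describes: raw name joined into the output directory."""
    return os.path.join(out_dir, f"{player_name}.md")


def is_inside(root: str, candidate: str) -> bool:
    """True if candidate, once normalised, is root itself or lies beneath it."""
    root_p = Path(root).resolve()
    cand_p = Path(candidate).resolve()
    return cand_p == root_p or root_p in cand_p.parents


# Assumed allow-list policy: letters, digits, space, underscore and hyphen only.
_DISALLOWED = re.compile(r"[^A-Za-z0-9 _-]+")


def sanitize_name(untrusted: str, max_len: int = 64) -> str:
    """Reduce an untrusted name to one safe path component.

    Separators, dots and anything else outside the allow-list collapse to '_',
    so '../../.ssh/authorized_keys' becomes 'ssh_authorized_keys' and can no
    longer name a different directory. Names with nothing left are rejected.
    """
    cleaned = _DISALLOWED.sub("_", untrusted).strip(" _")
    if not cleaned:
        raise ValueError(f"name yields no usable filename: {untrusted!r}")
    return cleaned[:max_len]


def confined_path(root: str, relative: str) -> Path:
    """Join, then re-check containment so a sanitizer bug still cannot escape root."""
    target = (Path(root) / relative).resolve()
    if not is_inside(root, str(target)):
        raise ValueError(f"path escapes {root}: {target}")
    return target


def safe_output_path(out_dir: str, player_name: str) -> Path:
    """Hardened replacement for unsafe_output_path."""
    return confined_path(out_dir, f"{sanitize_name(player_name)}.md")


def module_dir_to_clear(base_dir: str, module_name: str) -> Path:
    """Folder a 'clear existing module' step is allowed to wipe.

    It must be a direct child of base_dir: never base_dir itself, and never
    anything reached through a traversal component in the module name.
    """
    target = confined_path(base_dir, sanitize_name(module_name))
    if target.parent != Path(base_dir).resolve():
        raise ValueError(f"refusing to clear non-child directory: {target}")
    return target


def demo() -> dict:
    """Run both builders over the samples in a throwaway directory.

    Returns which names escape with the unsafe join and what the hardened
    builder produces (a safe filename or a rejection) for each name.
    """
    out_dir = tempfile.mkdtemp(prefix="campaign-")
    escaped = [
        name for name in SAMPLE_PLAYER_NAMES
        if not is_inside(out_dir, unsafe_output_path(out_dir, name))
    ]
    safe = {}
    for name in SAMPLE_PLAYER_NAMES:
        try:
            safe[name] = safe_output_path(out_dir, name).name
        except ValueError as exc:
            safe[name] = f"rejected: {exc}"
    return {"escaped_with_unsafe_join": escaped, "safe_filenames": safe}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The containment check in `confined_path` is deliberately kept even though `sanitize_name` already removes separators: the sanitizer encodes a policy that may change, while the resolve-and-compare check is what actually guarantees no write or delete lands outside the campaign folder. For the folder-clearing case, `module_dir_to_clear` additionally refuses anything that is not a direct child, which is what prevents a loosely formed module name from turning "clear this module" into "clear the whole campaign".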

Missing User Warnings

Severity: Low
Confidence: 82%
Finding: The README advertises automatic reading of user-provided module files and recovery from a persisted `game_state.md`, but it does not warn users that the skill may access, parse, and retain their supplied content. This is primarily a transparency and privacy issue: users may share scenario files or session data without understanding that the agent will ingest and potentially persist them across sessions.

VirusTotal

65/65 vendors flagged this skill as clean.