Supalytics - Web Analytics

Security checks across malware telemetry and agentic risk

Overview

The skill appears to support a legitimate analytics CLI workflow, but its setup instructions include admin-level system changes that should be reviewed before installation.

Review the install steps before using this skill. Prefer a user-local PATH setup over sudo symlinks, avoid running remote install scripts blindly, and only allow site create/update/remove commands when you explicitly requested those administrative changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium (88% confidence)
Finding
The skill is described as an analytics query tool, but the documentation also includes site creation, update, default-selection, and removal commands. Expanding operational scope beyond the declared purpose increases the chance an agent performs unintended state-changing actions on user analytics configuration rather than read-only queries.

Context-Inappropriate Capability

High (97% confidence)
Finding
The skill instructs the use of sudo to create system-wide symlinks in /usr/local/bin, which modifies privileged system state outside the narrow purpose of querying analytics. In an agent context, this is dangerous because it encourages elevation and persistent filesystem changes that could be abused or could overwrite trusted binaries.

Missing User Warnings

Medium (93% confidence)
Finding
The documentation includes privileged system modification commands without explaining their system-wide effect or the risks of overwriting executable paths. Lack of warning makes accidental misuse more likely, especially when an autonomous or semi-autonomous agent may execute setup instructions literally.

VirusTotal

63/63 vendors flagged this skill as clean.
