system-monitor-tool

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local system monitor, though its reports can reveal private system details.

Install only if you are comfortable running local diagnostic shell commands. Avoid sharing raw output from process, disk, or network commands unless you have reviewed it for sensitive names, command-line arguments, IP addresses, or project folders; use watch mode only when you intentionally want continuous foreground monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The README advertises process listing and continuous watch mode even though the declared skill scope is limited to CPU, memory, disk, and network monitoring. This creates a scope mismatch that can mislead an agent or reviewer about the skill’s actual capabilities, increasing the risk of exposing process metadata or enabling persistent monitoring behavior beyond what was approved.

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The disk command goes beyond reporting disk utilization and enumerates the largest folders under the user's home directory. That can expose sensitive file and directory names, project names, or personal data patterns that are not necessary for basic system resource monitoring and exceed the skill's stated scope.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
Listing top processes with full `ps aux` output reveals command lines, usernames, and details about running software that may include secrets in arguments or sensitive application activity. While process monitoring is adjacent to system monitoring, the manifest emphasizes resource status, so exposing detailed process data is broader than necessary and increases privacy and information-disclosure risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documentation omits any warning that commands like process listing, network status, and full system status can expose sensitive operational data, including process names, host connectivity state, uptime, and resource usage. In shared, logged, or untrusted environments, accidental invocation could disclose information useful for reconnaissance or leak private workload details.

Missing User Warnings

Low
Confidence: 95%
Finding
The network check sends traffic to an external IP address (`8.8.8.8`) without informing the user. Even though the request is small, it creates outbound network activity, may violate expected offline behavior or policy constraints, and leaks that the host is running this check to a third party.

VirusTotal

65/65 vendors flagged this skill as clean.
