ClawHub

Bring! Shopping Lists

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it uses your Bring account credentials to read and update your Bring shopping list.

Install only if you are comfortable giving the agent access to your Bring email/password and allowing it to change your default Bring shopping list. Prefer secure environment-variable storage, consider pinning dependencies before use, and confirm ambiguous add/remove/complete requests yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares required environment variables and uses an external API, but does not declare corresponding permissions despite clearly needing access to credentials and network connectivity. This creates a governance and transparency gap: the agent may invoke a capability that handles sensitive account credentials and remote list modifications without an explicit permission boundary or user-facing review.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The README states the agent will automatically use this skill for broad requests about shopping or groceries, which can cause the skill to trigger on ordinary conversation and perform list operations without a clearly scoped user confirmation step. In a skill that makes remote account changes, broad activation increases the chance of unintended actions and privacy-impacting API calls.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The README instructs users to provide Bring account credentials and use commands that modify a remote shopping list, but it does not prominently warn that the skill sends authenticated requests to a third-party service and can alter account data. Without an explicit privacy and account-impact notice, users may not understand the sensitivity of the credentials or the consequences of running the skill.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger scope is broad enough to match essentially any shopping or grocery-related request, increasing the chance the skill is selected when the user did not intend to operate on their Bring! account. In context, this is risky because invocation can cause state-changing actions against a real third-party service using stored credentials, so accidental or ambiguous requests may result in unauthorized list changes.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The usage/setup text instructs users to store Bring! email and password in environment variables or a .env file, but does not clearly warn that these are live account credentials used to authenticate to a third-party service. Without an explicit warning, users may underestimate the sensitivity of the credentials and the consequences of enabling the skill, especially since the skill can read and modify account data over the network.

Unpinned Dependencies

Low
Category
Supply Chain
Content
bring-api
python-dotenv
Confidence
96% confidence
Finding
bring-api

Unpinned Dependencies

Low
Category
Supply Chain
Content
bring-api
python-dotenv
Confidence
98% confidence
Finding
python-dotenv

Known Vulnerable Dependency: python-dotenv — 1 advisory(ies): CVE-2026-28684 (python-dotenv: Symlink following in set_key allows arbitrary file overwrite via )

Low
Category
Supply Chain
Confidence
87% confidence
Finding
python-dotenv

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal