ClawHub

military bidding email

Security checks across malware telemetry and agentic risk

Overview

This looks like a real military-procurement email reporting tool, but it should be reviewed because it sends email using local SMTP credentials while relying on missing/unreviewed fetching code and loosely scoped local configuration.

Install only if you trust the missing milb_fetcher component and understand that running the command can email generated reports and attachments to configured recipients. Use a dedicated SMTP account, verify EMAIL_TO and EMAIL_CC before each run, avoid running it from directories with unrelated .env files, and prefer explicit /milb-email commands over generic email requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises operational capabilities including file read/write and shell execution, but does not declare permissions or constraints in the manifest. This weakens policy enforcement and user awareness, making it easier for the skill to access local files, generate reports, or invoke binaries without explicit approval boundaries.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad everyday terms like '发送邮件' and '邮件通知', which can cause the skill to activate for generic user requests unrelated to this specialized military-procurement workflow. Because the skill can generate files and send SMTP email, accidental invocation could lead to unintended data transmission or misuse of configured mail credentials.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The description explains how to use the tool but does not clearly warn users that report data will be transmitted externally via SMTP email. In a workflow involving procurement data, lack of disclosure increases the chance users trigger network exfiltration of sensitive or regulated information without informed consent.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal