ClawHub

LinkMind Interaction

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly transparent about managing LinkMind channels, but it can perform persistent remote changes, including deletion, using a local API key with limited safety guidance.

Install only if you intend to let an agent manage your LinkMind account and channels on the hosted server. Keep the API key in a private config file passed with --config, review targets before any send/create/disable/delete action, and require explicit confirmation before channel deletion or other persistent changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill clearly instructs the agent to read configuration files, use an API key from local config, and make network requests to a remote hosted server, yet no explicit permissions are declared. That mismatch can bypass least-privilege expectations and make it harder for reviewers or enforcement systems to understand that the skill can access secrets and perform state-changing remote actions.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill description advertises destructive actions such as disable and delete of channels without warning that these operations change persistent server state and may remove user-managed resources. In an agent setting, terse descriptions are often used for tool selection, so missing safety context increases the risk of accidental destructive execution from ambiguous user requests.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documented example includes a delete command with a force-style `--yes` flag but provides no adjacent warning, confirmation guidance, or rollback caveat. This normalizes non-interactive deletion and makes accidental or overly broad destructive actions more likely when an agent follows examples literally.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script automatically reads an API key from environment variables, stdin, or local files and then sends that credential-derived identity plus user, channel, and message data to a remote hosted service. In an agent skill context, the lack of explicit user-facing disclosure or confirmation is risky because users may believe the tool is only performing local operations while it is actually transmitting sensitive identifiers and social data off-host.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal