ClawHub
Back to skill

Security audit

Geopolitical Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a local demo-style geopolitical report generator with no hidden high-risk behavior, but its outputs should not be treated as live market intelligence.

Install only if you are comfortable with a local script creating reports under ~/shared_memory/geopolitical. Treat the included analysis as mock/demo content, not live geopolitical monitoring or investment advice, unless you fix the script and add validated real data sources. The requests dependency is not needed by the current artifact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The script presents itself as an RSS/geopolitical monitor and emits report fields such as "data_source": "rss_monitor_v2" and "search_status": "success", but it only analyzes hardcoded MOCK_NEWS data. This can mislead downstream users or automated systems into treating synthetic data as live intelligence, creating integrity and decision-making risk in a context that appears operational rather than clearly demonstrative.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill explicitly states that it will automatically persist monitoring reports to JSON files, but it does not warn the user, request consent, or describe retention/sensitivity considerations. Even if the data is mostly market/news analysis, silent disk writes can create privacy, storage, and operational risks in shared or agent-managed environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.