Fastlane

Security checks across malware telemetry and agentic risk

Overview

This Fastlane skill appears purpose-aligned, but it needs review because it handles Apple credentials and includes commands that can submit or release apps without strong confirmation safeguards.

Install only if you intend to let an agent help with Fastlane workflows. Use least-privileged App Store Connect API keys, avoid pasting real secrets into chat or shell history, prefer CI secret stores, and require explicit confirmation before uploads, tester changes, certificate resets, App Store submission, automatic release, or force actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs users to export sensitive authentication material such as Apple ID credentials, app-specific passwords, API key paths, and inline API key JSON into shell environment variables, but it does not pair that guidance with explicit warnings about shell history, CI logs, process listings, shared terminals, or persistent shell profiles. In a deployment-oriented skill, this omission increases the chance that secrets will be exposed or stored insecurely during normal use, even if the underlying tool legitimately requires credentials.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill includes direct commands for App Store submission, automatic release, external tester distribution, and forced submission flows without consistently requiring confirmation or clearly warning about the irreversible publication impact. In an agent skill, this is risky because an automated consumer may execute these examples literally and unintentionally release software to external users or production channels.

VirusTotal

66/66 vendors flagged this skill as clean.
