Senior Fullstack

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a normal full-stack scaffolding and code-audit helper, but it can read and write local project files, so users should run it only in intended workspaces and review generated code.

This skill is reasonable for scaffolding and auditing full-stack projects. Before installing or using it, review the bundled Python scripts, run them only in a chosen project folder, use simple project names, replace placeholder secrets in generated templates, and inspect generated files before running npm install or starting development servers.

Static analysis

Env credential access (Critical)
Finding: Python code POSTs credential environment variables to an environment-controlled URL.

Env credential access (Critical)
Finding: Environment variable access combined with network send.

Exposed secret literal (Critical)
Finding: File appears to expose a hardcoded API secret or token.

Generated source template injection (Critical)
Finding: User-controlled placeholder is embedded directly into generated source code.

VirusTotal

54/54 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation (Low)
What this means

If run in the wrong directory or on too broad a path, the scripts could create files where the user did not intend or analyze sensitive local code.

Why it was flagged

The skill explicitly tells users to run local scripts that create project files and scan local project directories.

Skill content

python scripts/project_scaffolder.py nextjs my-app --output ./projects ... python scripts/code_quality_analyzer.py /path/to/project --json --output audit.json

Recommendation

Run commands only in a dedicated workspace, pass explicit project paths, and review generated files and reports before using them.

ASI04: Agentic Supply Chain Vulnerabilities (Info)
What this means

Users have less external context for verifying who maintains the scripts or where updates come from.

Why it was flagged

The skill includes executable scripts but does not provide an external source or homepage for provenance validation.

Skill content

Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

Recommendation

Inspect the bundled scripts before running them, and prefer using the skill in a disposable or version-controlled project directory.

ASI05: Unexpected Code Execution (Low)
What this means

Unusual project names containing quotes, newlines, or code-like text could break or alter the generated files unless the name is sanitized before the generated app is run.

Why it was flagged

The scaffolder embeds the user-provided project name directly into generated source-code templates.

Skill content

title: "{project_name}" ... app = FastAPI(title="{project_name}", openapi_url="/api/openapi.json")

Recommendation

Use simple project names, avoid untrusted text as a project name, and inspect generated source before installing dependencies or starting the app.

ASI06: Memory and Context Poisoning (Info)
What this means

Audit reports may reveal sensitive project structure or the locations of security issues, even though the visible analyzer code does not show any network exfiltration.

Why it was flagged

The analyzer is designed to inspect local code and can write a report summarizing security findings.

Skill content

Security vulnerabilities (hardcoded secrets, injection risks) ... Save report to file: python scripts/code_quality_analyzer.py . --output report.json

Recommendation

Store generated audit reports securely and avoid scanning directories that contain unrelated private material.