ClawHub

Overleaf

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Overleaf command-line helper, but users must handle the Overleaf session cookie carefully.

Install only if you trust the external olcli package and publisher. Treat the Overleaf session cookie like a password, keep .olauth and config files out of git and shared folders, avoid pasting the cookie where it may be logged, run logout or revoke the browser session if exposed, and review changes before push or sync.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README instructs users to pass an Overleaf session cookie directly on the command line (`olcli auth --cookie "SESSION_COOKIE"`) without any warning about secret handling. Command-line secrets can be exposed through shell history, process listings, logs, screenshots, or shared terminal transcripts, which could let an attacker hijack the user's authenticated Overleaf session.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to extract and paste a live `overleaf_session2` browser session cookie into a CLI without clearly warning that this is a highly sensitive bearer credential. Anyone who obtains that cookie can typically act as the user on Overleaf for the life of the session, exposing private documents and enabling unauthorized changes or downloads. The context increases risk because this is a general-purpose sync workflow that encourages routine use of the credential from the command line, where it may be exposed via shell history, process lists, logs, screenshots, or shared terminals.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation tells users how to retrieve and reuse the `overleaf_session2` session cookie, which is effectively a bearer credential for the Overleaf account, but it does not warn that this token is highly sensitive or that anyone possessing it may gain account access. In a CLI skill context, encouraging manual extraction and storage of a live browser session increases the risk of accidental disclosure through shell history, dotfiles, screenshots, shared directories, or logs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal