Cline Kanban

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Cline automation guide, but it gives users patterns for unattended code changes, network-exposed Kanban control, commits, pushes, and deployments without enough safety boundaries.

Install only if you intend to give Cline substantial authority over a specific repository. Use disposable worktrees or protected branches, review diffs before committing or deploying, keep Kanban on localhost unless protected by VPN/firewall/authentication, avoid passing API keys as CLI flags, and use least-privilege credentials you can rotate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium (86% confidence)
Finding
The skill promotes headless, autonomous file modification workflows using `cline -y` without prominently warning that this grants an agent broad authority to change source code automatically. In the context of a coding-agent skill, that increases the chance of unsafe changes, repository corruption, or unintended modification of sensitive files if users apply it incautiously.

Missing User Warnings

Severity: Medium (90% confidence)
Finding
The authentication section instructs users to pass API keys on the command line and identifies secret file locations, but it does not warn that CLI arguments may be exposed through shell history, process listings, logs, or CI traces. In a tool meant for automation and background jobs, that omission materially raises the risk of credential leakage.

Missing User Warnings

Severity: Medium (93% confidence)
Finding
The skill documents binding the Kanban service to `0.0.0.0` for remote access but does not clearly warn that this exposes the service beyond localhost. Because Kanban controls autonomous coding tasks and worktrees, exposing it on the network can permit unauthorized access or misuse if the host is reachable and not otherwise protected.

Missing User Warnings

Severity: High (95% confidence)
Finding
This section describes a fully autonomous workflow that reviews diffs, commits, pushes, deploys with credentials, and launches further code review, but it does not foreground the operational risk of allowing an agent to act on production-connected credentials. In practice, this can lead to unauthorized deployments, destructive repository actions, or propagation of unsafe code without human approval.

VirusTotal

65/65 vendors reported this skill as clean; none flagged it.
