ClawHub

PikaBoard

Security checks across malware telemetry and agentic risk

Overview

PikaBoard is a coherent local task-board integration, with visible setup and API behavior, but users should handle its bearer token carefully.

Install only if you trust the PikaBoard repository and npm dependencies. Use a dedicated PikaBoard token, avoid putting the real token in shared or version-controlled files such as TOOLS.md, configure MY_BOARD_ID before letting an agent operate, and review important task or board changes before allowing automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The README explicitly instructs the agent to read an authentication token from `pikaboard/backend/.env`, which expands the agent's scope from task management into local secret retrieval. Even if intended for setup convenience, teaching an agent to access `.env` files normalizes secret harvesting behavior and can expose unrelated credentials if the environment or instructions drift.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The setup flow tells users or agents to export and use `PIKABOARD_TOKEN` but provides no warning that it is sensitive, should not be logged, echoed, or persisted. In an agent context, omission of credential-handling guidance increases the chance the token is exposed in transcripts, shell history, debug output, or follow-on tool calls.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The README recommends running an auto-configuration script that appears to create or configure a board, yet it does not warn that the script may alter remote state. For an autonomous agent, this missing warning is risky because it can lead to unintended creation or modification of boards/tasks outside the user's informed consent.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger phrases include very broad everyday terms such as `tasks`, `board`, `todo`, and `sprint`, which can cause the skill to activate in unrelated conversations. Over-broad activation can lead an agent to expose internal task data or perform task-management actions when the user did not intend to invoke this skill.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation tells users to place `PIKABOARD_TOKEN` in `.env`, `TOOLS.md`, and exported environment variables, and explicitly shows the token in a shared tools document. Encouraging storage and sharing of a bearer token without warning about secrecy or redaction creates a high risk of credential leakage, which would allow unauthorized API access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal