GitCode API

Security checks across malware telemetry and agentic risk

Overview

This GitCode API skill is documentation-only, but it is framed as a lookup helper while including examples and references for actions that can change repositories and grant access.

Install only if you want an agent to use broad GitCode API documentation. Use a least-privilege token, avoid pasting long-lived tokens into chat or URLs, and require explicit approval before any operation that creates issues or PRs, changes files/settings, manages webhooks, transfers or deletes repositories, or adds/removes members.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The examples include creating issues, which is a state-changing write operation despite the skill being described primarily as fetch/query oriented. This mismatch can mislead users or downstream agents into granting broader trust or permissions than expected, increasing the risk of unintended remote changes.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The pull request creation example exceeds a read/query-only framing and demonstrates a repository-modifying workflow. In an agent context, this can cause unsafe assumptions about the skill's authority and lead to unintended code changes or workflow manipulation in remote repositories.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The member addition example performs an access-control change by adding collaborators, which is far more sensitive than simple data retrieval. Because the manifest frames the skill as fetch/query focused, users may not anticipate privilege-affecting actions, creating a substantial risk of unauthorized or accidental access grants.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The examples instruct use of an authentication token but provide no handling, storage, redaction, or scope-minimization guidance. In practice this increases the likelihood of token leakage through copy/paste, logs, screenshots, source control, or over-privileged usage.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The state-changing issue-creation example lacks a warning that it will modify remote repository data. Without this context, users or agents may run it expecting a harmless query example and accidentally create records in production repositories.

Missing User Warnings

High
Confidence
97% confidence
Finding
Adding a project member changes repository access and can materially affect confidentiality, integrity, and governance. Omitting a warning about the permission impact makes this especially dangerous in an agent or automation setting where users may not realize the example grants access to another account.

VirusTotal

65/65 vendors flagged this skill as clean.
