Datafast Analytics

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate DataFast analytics helper, but it needs review because it uses a DataFast API key and can create or delete analytics/payment records while the README understates credential exposure.

Install only if you intend to let OpenClaw access your DataFast analytics and manage goals/payments. Treat the DataFast key as a real credential that is stored locally and sent to DataFast over HTTPS for each authenticated request. Protect the key file, prefer least-privilege credentials if DataFast supports them, and require a clear preflight summary before any POST or DELETE action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The README states the API key 'never leaves your machine,' but the skill necessarily sends that key to the external DataFast API to authenticate requests. This is misleading security guidance that can cause users to underestimate secret exposure and trust boundaries when using the skill.

Missing User Warnings

Medium
Confidence: 88%
Finding
The README advertises destructive endpoints like DELETE /goals and DELETE /payments without any warning, confirmation requirement, or safe-usage guidance. In an agent setting, documenting write/delete capabilities without guardrails increases the chance of accidental or prompt-induced destructive actions against production analytics data.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs users to store a live API key in a predictable plaintext file under their home directory without any warning about filesystem permissions, shell history, backups, or multi-user host exposure. This increases the chance that local malware, other users on the system, or accidental uploads of dotfiles/backups can disclose the credential and enable unauthorized API access.

VirusTotal

66/66 vendors flagged this skill as clean.