Skillv1.0.0

Static analysis security

ClawHub Push Skill · Deterministic local checks for risky code patterns and metadata mismatches.

SuspiciousApr 30, 2026, 5:11 AM

Summary: Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
Reason codes: suspicious.env_credential_accesssuspicious.potential_exfiltration
Engine: v2.4.5

criticalpush.js:17

Environment variable access combined with network send.

suspicious.env_credential_access

warnpush.js:50

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration