ClawHub

Kanboard Skill

Security checks across malware telemetry and agentic risk

Overview

This Kanboard skill appears legitimate, but it gives an agent broad ability to change or delete Kanboard data without enough documented guardrails.

Install only if you trust the configured Kanboard server and are comfortable giving the agent write and delete authority over your Kanboard data. Use HTTPS, prefer least-privilege user credentials over a broad Application API token where possible, keep tokens out of logs and transcripts, and require explicit confirmation plus a read-only lookup of affected IDs before any remove, disable, permission-change, or bulk operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger list includes generic phrases like "add comment" and "kanboard" that can match ordinary user requests and cause this skill to activate unexpectedly. Because the skill supports state-changing operations such as creating, moving, and deleting tasks and projects, overly broad activation increases the risk of unintended API actions against a live Kanboard instance.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs use of Basic Auth credentials and transmits project data to a remote JSON-RPC endpoint, but it does not clearly require HTTPS or warn that credentials and sensitive project content will traverse the network. If users configure an insecure URL or operate through untrusted intermediaries, credentials and task data could be exposed or intercepted.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal