Environment variable access combined with network send.
Critical
- Code
- suspicious.env_credential_access
- Location
- dist/index.js:4232
- Evidence
function resolveOpenCommand(url2, env = process.env, platform = process.platform) {
Security audit
Security checks across malware telemetry and agentic risk
The package is a disclosed ClawHub CLI/admin/developer toolkit with powerful authenticated operations, but I found no hidden, automatic, or purpose-mismatched unsafe behavior.
Install the public CLI only if you expect it to contact ClawHub, store a local API token after login, write skill files under your configured skills directory, and optionally report install telemetry while logged in. Treat the private admin and staff skills as operator tooling: use them only with the right ClawHub role and review confirmations before moderation, email, migration, or publishing actions.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.env_credential_access
function resolveOpenCommand(url2, env = process.env, platform = process.platform) {