YouMind CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed YouMind CLI helper that can operate a YouMind account with an API key, so it should be installed only by users who want that integration.

Install this only if you want OpenClaw to operate your YouMind account. Use a limited or revocable API key if available, avoid pasting secrets into chat or command history, verify the @youmind-ai/cli package source, and require explicit confirmation before publishing, trashing, installing skills, or creating scheduled tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger description is extremely broad and covers nearly any YouMind-related action, including API discovery and direct operations. This can cause the skill to activate in situations where a narrower or safer skill would be more appropriate, increasing the chance of unintended external actions or over-privileged workflow guidance.

Missing User Warnings

Medium
Confidence: 91%
Finding
The authentication section tells users to export or pass `YOUMIND_API_KEY` but does not warn about shell history, process listing exposure, logging, or accidental echoing of secrets. In an agent setting, omission of credential-handling safeguards can lead to key disclosure through transcripts, command logs, or reused terminal sessions.

Vague Triggers

Medium
Confidence: 83%
Finding
The default prompt says to 'handle this YouMind task' and 'search for the right API when needed' but does not define clear trigger boundaries, allowed operations, or approval requirements for writes. In a skill that can manage boards, notes, documents, chats, skills, and scheduled tasks, this ambiguity can cause overbroad invocation and unintended state-changing API calls based on loosely scoped user requests.

VirusTotal

66/66 vendors flagged this skill as clean.
