Security audit

Secrets Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local secrets scanner, but its reports and optional git-history checks can expose sensitive credential material if used too broadly.

Install this only if you want a local project scanned for secrets. Point it at the smallest relevant directory, use git-history checks only when needed, and avoid sharing or committing generated reports because they may contain the secrets and surrounding code context. Do not grant wallet, purchase, OAuth, or unrelated account permissions for this skill based on the current artifacts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill instructs execution of a local Python scanner, recursive filesystem reads, optional git history inspection, and CI-oriented behavior, yet no permissions are declared. That mismatch creates an authorization and transparency problem: an agent may invoke shell, read broad project contents, and potentially write output without the user or platform having explicit guardrails for those capabilities.

Vague Triggers

Medium
Confidence: 80%
Finding: The trigger phrase "security scan" is much broader than the skill's actual purpose and can cause the secrets-audit skill to activate for unrelated security requests. Misrouting broad security requests into a credential-focused scanner can lead to unnecessary access to sensitive files or execution of scanning commands in contexts the user did not intend.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.