api-quality-check

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it claims, but it can persist and expose API keys in generated files and report directories without clear warnings.

Install only if you are comfortable handling API credentials carefully. Use scoped test keys, avoid sensitive prompts, keep provider.json and output directories out of source control and shared hosting, review generated batch/daily files before sharing, and rotate any key that may have been printed to logs or published.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 94%
Finding
The quick-start examples direct users to pass API keys and endpoint URLs into commands that perform live network checks, but the documentation does not prominently warn that credentials and prompt/test data will be transmitted to third-party services. In a skill meant for automation and batch testing, that omission increases the chance of accidental secret exposure, use against untrusted endpoints, or unintended transmission of proprietary data.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documentation instructs users to generate a config file that persists an API key to disk, but it provides no warning about secret handling, file permissions, exclusion from version control, or safer alternatives such as environment variables. In a developer tooling skill, this increases the chance of accidental credential exposure through committed config files, shared workspaces, logs, or backups.

Missing User Warnings

Medium
Confidence: 89%
Finding
The workflow examples pass API keys on the command line and instruct users to generate provider config and output artifacts without any warning about credential exposure or artifact sensitivity. CLI arguments can be exposed through shell history, process listings, logs, CI job output, or persisted config files, which makes accidental secret disclosure realistic in the exact contexts this skill targets.

Missing User Warnings

Medium
Confidence: 94%
Finding
The generated config template includes the raw API key and can be written to disk via --config-output, creating a credential exposure risk through shell history, source control, backups, shared workspaces, or accidental publication. In this skill’s context, users are explicitly handling third-party API credentials, so persisting secrets in templated JSON materially increases the chance of compromise.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script copies the full provider configuration into the run directory as provider.json, which can persist API keys, endpoints, headers, or other sensitive connection details if they are stored in the input JSON. In this skill context, the output directory is meant for ongoing daily snapshots and reports, so silent persistence increases the chance of credential exposure through shared artifacts, backups, or accidental publication.
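The last two findings (the raw key written via --config-output, and the full provider config copied into the run directory as provider.json) and the overview's advice to review generated files before sharing and to prefer keys that never touch disk all come down to the same two controls: redact secret-bearing fields before a config is persisted, and scan the output directory for key-like strings before it is shared. The following Python is an added example written for this page, not the skill's own code. The config field names, the "sk-" key prefix, the env var name API_QUALITY_CHECK_API_KEY and the sample config are all assumptions, since the page does not show the skill's schema or key format.

```python
# Added example (not the api-quality-check skill's code): keep API keys out of
# persisted run artifacts and detect keys that leaked into generated reports.
import json
import os
import re
import tempfile
from pathlib import Path
from typing import Any

# Config field names treated as secrets. Assumed names; the skill's real
# provider.json schema is not shown on the page.
SECRET_FIELDS = ("api_key", "apikey", "token", "secret", "password", "authorization")

# Illustrative key shapes only: an assumed "sk-" prefix and bearer tokens.
SECRET_RE = re.compile(r"sk-[A-Za-z0-9]{20,}|[Bb]earer\s+[A-Za-z0-9._\-]{20,}")

REDACTED = "[REDACTED]"


def is_secret_field(name: str) -> bool:
    lowered = name.lower().replace("-", "_")
    return any(marker in lowered for marker in SECRET_FIELDS)


def redact_config(node: Any) -> Any:
    """Deep copy of the provider config with secret-bearing values replaced,
    so the copy is safe to write into a run directory or share."""
    if isinstance(node, dict):
        return {k: (REDACTED if is_secret_field(k) else redact_config(v))
                for k, v in node.items()}
    if isinstance(node, list):
        return [redact_config(v) for v in node]
    return node


def resolve_api_key(config: dict, env: dict) -> str:
    """Prefer a key from the environment over one stored in the file.
    The env var name is an assumption for this example."""
    var = config.get("api_key_env", "API_QUALITY_CHECK_API_KEY")
    key = env.get(var) or config.get("api_key")
    if not key:
        raise ValueError(f"no API key: set ${var} or provide api_key")
    return key


def write_run_snapshot(config: dict, run_dir: Path) -> Path:
    """Persist only the redacted config, created owner-readable (0600)."""
    run_dir.mkdir(parents=True, exist_ok=True)
    path = run_dir / "provider.json"
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(redact_config(config), fh, indent=2)
    return path


def find_secrets(text: str) -> list:
    return [m.group(0) for m in SECRET_RE.finditer(text)]


def scan_artifacts(run_dir: Path) -> dict:
    """Map each file under run_dir to the key-like strings it contains.
    Run this over daily/batch output before sharing or committing it."""
    hits = {}
    for path in sorted(run_dir.rglob("*")):
        if path.is_file():
            found = find_secrets(path.read_text(errors="replace"))
            if found:
                hits[str(path.relative_to(run_dir))] = found
    return hits


# Constructed sample config; the key is not a real credential.
CONSTRUCTED_CONFIG = {
    "endpoint": "https://api.example.invalid/v1/chat",
    "api_key": "sk-CONSTRUCTEDEXAMPLEKEY000000000000",
    "headers": {"Authorization": "Bearer sk-CONSTRUCTEDEXAMPLEKEY000000000000"},
    "model": "example-model",
}


def demo() -> tuple:
    """Write a redacted snapshot plus a constructed batch log that echoed the
    raw header, then scan the run dir. Returns (snapshot_hits, log_hits)."""
    with tempfile.TemporaryDirectory() as tmp:
        run_dir = Path(tmp) / "2024-01-01"
        write_run_snapshot(CONSTRUCTED_CONFIG, run_dir)
        (run_dir / "batch.log").write_text(
            "request failed: Authorization: Bearer "
            "sk-CONSTRUCTEDEXAMPLEKEY000000000000\n")
        hits = scan_artifacts(run_dir)
        return hits.get("provider.json", []), hits.get("batch.log", [])


if __name__ == "__main__":
    print(json.dumps(redact_config(CONSTRUCTED_CONFIG), indent=2))
    print(demo())
```

The redacted provider.json keeps the endpoint and model (what a daily snapshot needs for reproducibility) and drops every value under a secret-named field, including nested headers, while the scan catches the case the redaction cannot: a report or log that copied the raw Authorization header into its own output. A key that the scan finds in an artifact should be treated as printed and rotated, as the overview recommends.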

VirusTotal

57/57 vendors flagged this skill as clean.
