Claude OAuth Auto-Renewal

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent, but it should be reviewed because it can automatically use your local Claude credentials and logged-in Chrome session to renew account access.

Install only if you intentionally want unattended Claude Code OAuth renewal on this Mac. Review the script first, understand that it may use your Chrome Claude session and Keychain-stored Claude credentials, and consider adding a manual approval gate or disabling Tier 2 browser automation before running it from heartbeat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill describes a browser automation flow that can click OAuth consent UI, extract an authorization code from a callback page, and feed it back into the CLI, but it does not present an explicit warning or consent boundary to the user. In a security-sensitive authentication context, omitting that warning increases the chance that operators enable intrusive automation without understanding that it can act on a live authenticated browser session and handle login artifacts.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script silently performs full OAuth browser automation, clicks an authorization button in Chrome via Apple Events, extracts the authorization code from the callback page, and feeds it back into the CLI without requiring explicit user consent at the time of action. This is dangerous because it automates a sensitive authentication flow and grants broad UI scripting access to browser contents, which can unexpectedly authorize sessions or mishandle auth artifacts if the page or environment is not exactly as assumed.

VirusTotal

66/66 vendors flagged this skill as clean.
