ClawHub

coze-workflow-api

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a transparent, user-run Coze API helper with normal third-party data sharing risks, not hidden malicious behavior.

Install only if you are comfortable sending the PAT, workflow ID, and input parameters to Coze. Use a dedicated limited-scope token where possible, avoid sending secrets or regulated data in workflow parameters, and save results somewhere private rather than a shared temporary path if they may be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs users to send a PAT token and arbitrary workflow parameters to a third-party API but does not explicitly warn that the data leaves the local environment or discuss privacy, data handling, or sensitivity considerations. This creates a real data-exposure risk because users may unknowingly transmit secrets, personal data, or proprietary content to an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
## 使用方法

### 直接使用 curl

```bash
curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
Confidence
91% confidence
Finding
curl ```bash curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \ --header "Authorization: Bearer $COZE_PAT_KEY" \ --header 'Content-Type: application/json' \ --dat

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
export COZE_PAT_KEY="your_pat_token_here"

curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
Confidence
91% confidence
Finding
curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \ --header "Authorization: Bearer $COZE_PAT_KEY" \ --header 'Content-Type: application/json' \ --data-raw

External Transmission

Medium
Category
Data Exfiltration
Content
### 保存结果到文件

```bash
curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
Confidence
88% confidence
Finding
https://api.coze.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
export COZE_PAT_KEY="your_pat_token_here"

curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
Confidence
91% confidence
Finding
https://api.coze.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal