ClawHub

NeonDB-skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Neon database-management skill, but users should treat its credentials and destructive database commands carefully.

Install this only if you want the agent to manage Neon databases. Use limited-scope credentials where possible, avoid pasting API keys or connection strings into logs or chats, rotate any exposed secrets, and review project, branch, and database IDs before running delete or reset commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation includes project deletion commands without any warning, confirmation guidance, or scoping advice. In an agent context, users or automated systems may copy these commands directly, increasing the risk of accidental destructive actions against production databases or projects.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The branch reset example is potentially destructive because it can overwrite branch state, but the documentation presents it as a normal operation without warning. In a workflow driven by agents or scripts, this increases the chance of unintentional data loss or rollback of important changes.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The examples show retrieving and piping full connection strings, which typically include credentials, without warning that these values are sensitive. In agent or shell environments, this can lead to secrets being exposed via logs, shell history, process listings, or downstream command capture.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation instructs users to export an API key directly in the shell without noting that it is a sensitive credential. This can encourage insecure handling, including committing secrets to scripts, exposing them in shared terminals, or leaking them through shell history and environment inspection.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The script prints the full Neon connection string to stdout, which commonly includes database credentials. In agent, CI/CD, or shared terminal environments, stdout is often logged, persisted, or exposed to other users and systems, turning a setup convenience into credential leakage. In the context of a database-management skill, this is more dangerous because the leaked secret grants direct access to persistent org data.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal