Robot Id Card

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a coherent bot-identity toolkit, but users should protect generated bot keys and confirm any action that changes the public registry.

Before installing or using this skill, confirm which registry URL you will trust, protect generated `.key.json` and `.ric.json` files, and require explicit approval before registering bots or submitting reports. If deploying the registry, set a strong RIC_ADMIN_KEY and review the omitted extension/registry files separately if they were not part of your local audit.

Static analysis

Env credential access (Critical)

Finding: Environment variable access combined with network send.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Bot registration metadata, including developer contact details and bot purpose, can be sent to the selected registry.

Why it was flagged

The CLI sends bot registration data to a registry endpoint. This is expected for the stated bot-identity purpose, but the destination is configurable.

Skill content

const REGISTRY = process.env.RIC_REGISTRY || 'https://registry.robotidcard.dev' ... fetch(`${REGISTRY}/v1/bots/register`, { method: 'POST', ... body: JSON.stringify(payload) })

Recommendation

Verify the registry URL before registering, and avoid using personal or sensitive contact details unless you intend them to be part of the bot registry.

What this means

Anyone who obtains the saved key or certificate JSON can impersonate that bot identity.

Why it was flagged

The CLI writes the bot private key into the local certificate/config file so it can later sign claims and requests.

Skill content

const config = { ...certificate, private_key_hex: privateKeyHex }
fs.writeFileSync(opts.out, JSON.stringify(config, null, 2))

Recommendation

Keep generated key and certificate files out of source control, restrict file permissions, and rotate or re-register the bot if a key is exposed.

What this means

Improper or accidental reports could affect another bot's public reputation or access level.

Why it was flagged

The skill includes a reporting workflow that can contribute to downgrading or blocking a bot in the public registry.

Skill content

Automatic downgrade | 3 reports → automatically marked dangerous → Level 0 block ... CLI tool | `ric keygen / register / claim / status / verify / report`

Recommendation

Use `ric report` only with explicit user intent and supporting evidence; registry operators should enforce authentication, rate limits, and an appeal or reversal process.

What this means

Automated installers may not warn users about needed tooling or configurable runtime settings.

Why it was flagged

The registry metadata does not declare the Node/npm runtime and environment variables described in the skill and package documentation.

Skill content

Required binaries (all must exist): none ... Required env vars: none ... No install spec — this is an instruction-only skill.

Recommendation

Update metadata to declare Node/npm requirements and relevant environment variables such as RIC_REGISTRY and deployment-only RIC_ADMIN_KEY.