GitHub Actions OIDC Hardening Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a local audit tool that checks GitHub Actions workflow files for insecure cloud authentication patterns. The risky examples it contains are test fixtures, not behavior performed by the skill.

Install this if you want a local Bash/Python audit of GitHub Actions cloud-auth workflows. Keep WORKFLOW_GLOB scoped to repositories and workflow files you intend to inspect, and review the script if provenance matters because the package is not from the trusted @openclaw publisher.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The workflow authenticates to AWS using long-lived static access keys stored as GitHub secrets instead of GitHub OIDC with short-lived credentials. If those secrets are exposed through repository compromise, workflow abuse, logging mistakes, or secret exfiltration, an attacker can obtain durable AWS access beyond a single job run, which is exactly the hardening gap this skill is meant to detect.

Description-Behavior Mismatch

High
Confidence: 98%
Finding
This workflow authenticates to GCP using a long-lived static service account key from GitHub Secrets instead of ephemeral OIDC-based federation. Static cloud keys are harder to scope, rotate, and audit, and if exposed through repository compromise, workflow abuse, logs, or secret exfiltration, they can enable persistent unauthorized access to GCP beyond a single workflow run. In the context of an OIDC-hardening audit skill, this is especially dangerous because it represents the exact anti-pattern the skill is meant to detect.

VirusTotal

64/64 vendors flagged this skill as clean.
