Bark Push

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Bark notification helper that sends user-provided notification text to Bark using a device key, with no hidden persistence or unrelated local access found.

Install this only if you want OpenClaw to send Bark pushes to your device. Treat the Bark device key as a credential, avoid sending passwords or sensitive personal data in notification text, prefer the POST-based script flow over URL-path curl examples, and consider confirming sends when the message content is inferred.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill clearly relies on environment variables and shell execution, but the metadata does not declare corresponding permissions or capabilities. This weakens review and runtime governance because users and platforms may not understand that the skill can access secrets and invoke shell-based tooling that sends data off-host.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad enough to match ordinary conversation such as 'send a notification' or 'push to phone,' which can cause unintended activation. In this skill, accidental triggering is more sensitive because activation can transmit user-provided content and a device identifier to an external service.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation does not clearly warn that notification content and the Bark device key are sent to a third-party Bark endpoint. This is a real privacy and secret-handling issue because users may provide sensitive text assuming the action is local, while the skill performs external transmission to api.day.app.

External Transmission

Medium
Category
Data Exfiltration
Content
-t "提醒" -b "时间到了" -s alarm
```

### Method 3: Use curl directly

```bash
# Simple push
Confidence
96% confidence
Finding
curl ```bash # Simple push curl "https://api.day.app/$BARK_KEY/标题/内容" # With parameters curl -X POST "https://api.day.app/$BARK_KEY" \ -H 'Content-Type: application/json' \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
### 1. Environment variable configuration

Bark API endpoint: `https://api.day.app/{device_key}`

The device key can be read from the following environment variables (in priority order):
1. `BARK_KEY`
Confidence
90% confidence
Finding
https://api.day.app/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Simple push
curl "https://api.day.app/$BARK_KEY/标题/内容"

# With parameters
curl -X POST "https://api.day.app/$BARK_KEY" \
Confidence
95% confidence
Finding
https://api.day.app/

External Transmission

Medium
Category
Data Exfiltration
Content
curl "https://api.day.app/$BARK_KEY/标题/内容"

# With parameters
curl -X POST "https://api.day.app/$BARK_KEY" \
  -H 'Content-Type: application/json' \
  -d '{
    "title": "标题",
Confidence
95% confidence
Finding
https://api.day.app/

VirusTotal

64/64 vendors flagged this skill as clean.
