
Security audit

PaleBlueDot CLI

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for managing PaleBlueDot CLI access, but it deserves review because it installs remote code and handles session cookies and plaintext API keys.

Review the installer before running it, prefer a pinned release with checksum or signature verification, and use browser login instead of manual cookie entry when possible. Only run token deletion or key-retrieval commands when you intend that action, and keep session cookies and API keys out of shared chats, screenshots, logs, and shell history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium, 89% confidence
Finding
The skill instructs users to manually obtain and enter a live session cookie, which is equivalent to a bearer credential, but does not clearly warn that this value grants account access and must not be shared, logged, pasted into transcripts, or stored insecurely. In an agent-skill context, this is especially risky because users may provide the cookie to the agent or expose it in terminal history, resulting in account takeover if intercepted.

Missing User Warnings

Medium, 91% confidence
Finding
The documentation advertises plaintext token key retrieval without warning that the output is a reusable secret that can grant API access if exposed. In a skill/agent setting, users may run this command and inadvertently reveal the key in shared terminals, logs, screenshots, or agent-visible output, enabling unauthorized use of their account and quota.

VirusTotal

64/64 vendors flagged this skill as clean.
