ClawHub

Kuaidi Query

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does package tracking as advertised, but it ships with a live-looking Track123 credential and stores shipment data locally by default.

Review before installing. Replace or delete the bundled config.json and use your own Track123 API key. Only query tracking numbers you are comfortable sending to Track123, and use --no-cache or remove .cache.json if shipment details should not remain on disk. The axios dependency should also be reviewed or updated before use in sensitive environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Low
Confidence
82% confidence
Finding
The documentation recommends enabling debug mode and logging query activity, but does not warn that debug logs may contain tracking numbers, shipment status, locations, or API request/response details. In a logistics-query skill, that data can reveal sensitive operational or personal information if logs are retained insecurely or exposed to unauthorized users.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation instructs users to send tracking numbers and an API key to a third-party service but does not mention that shipment data, location history, and potentially personal information will leave the local environment. In an agent skill context, this omission is security-relevant because users may unknowingly authorize external transmission of sensitive logistics data and credentials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends user-supplied tracking numbers to the external Track123 service as part of its core functionality, but the CLI interface does not clearly disclose that shipment identifiers and related logistics data will leave the local environment. Tracking numbers can be sensitive business or personal data because they may reveal merchants, delivery activity, and shipment status, so silent transmission creates a privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script stores queried shipment results in a local .cache.json file by default without informing the user that logistics data will persist on disk. Cached shipment metadata and tracking history may expose delivery patterns or other sensitive operational information to other local users, backups, or later processes.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "josh",
  "license": "MIT",
  "dependencies": {
    "axios": "^1.13.6"
  }
}
Confidence
89% confidence
Finding
"axios": "^1.13.6"

Known Vulnerable Dependency: axios==1.13.6 — 10 advisory(ies): CVE-2025-62718 (Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF); CVE-2026-42044 (Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `pars); CVE-2026-42037 (Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in f) +7 more

High
Category
Supply Chain
Confidence
98% confidence
Finding
axios==1.13.6

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal