ClawHub

gopass

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward gopass password-manager helper, but users should be careful because it can expose, sync, or delete secrets if used carelessly.

Install only if you intend your agent to help manage gopass secrets. Before using it, require confirmation for any show, copy, delete, recursive delete, insert, generate, or sync action; avoid clipboard use on untrusted machines; verify Git remotes before syncing; and back up or list target paths before deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents deletion commands, including recursive removal, without any caution about irreversibility, confirmation expectations, or the risk of deleting the wrong secret subtree. In a secrets-management skill, omissions like this increase the chance that an agent or user will destroy credential material or team-shared entries with no recovery guidance.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill recommends copying secrets to the clipboard without warning that clipboards may be readable by other applications, persisted by clipboard managers, or exposed in shared desktop sessions. Because this skill handles credentials, normalizing clipboard use without caveats materially increases secret exposure risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs users to sync the gopass store via Git but does not warn that encrypted secret blobs, filenames/metadata, and repository history may be transmitted to configured remotes. In a team password-store context, this can lead to accidental disclosure to the wrong remote, broader replication of sensitive material, or leakage of secret names and structure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal