ClawHub

Kimi Integration

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Kimi/Moonshot setup guide with minor cautions around API key handling and live external test requests.

Install only if you intend to use Moonshot/Kimi as external model providers for Clawdbot. Use environment variables or a protected env file for keys, avoid printing full keys in shared terminals or logs, run the test script only when you want a live API request, and send only data your organization permits those providers to process.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The troubleshooting section instructs users to run `echo $MOONSHOT_API_KEY` and `echo $KIMICODE_API_KEY`, which prints full secrets to the terminal and potentially into shell history, screen recordings, logs, or shared terminals. This can lead to accidental credential exposure even though the documentation is otherwise benign.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The direct `curl` test example sends a live authenticated request using the user's API key without any warning about cost, data sharing, logging, or execution in untrusted environments. While this is a legitimate troubleshooting technique, omitting safety guidance increases the risk of inadvertent secret exposure and unnecessary transmission to a third party.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The documentation provides a ready-to-run authenticated curl example against a third-party API but does not clearly warn that the command will send user-supplied prompt content and an API credential to an external service. In an integration guide this is expected behavior, but the missing warning can still mislead users about data egress and secret handling.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal