ClawHub

Sonarqube Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it queries a configured SonarQube server and reports code-quality issues, with configuration caveats but no evidence of hidden or destructive behavior.

Install only if you want an agent or CLI to query your SonarQube instance. Set SONAR_HOST_URL deliberately, use HTTPS for remote servers, use a least-privileged SonarQube token, and keep tokens out of committed config, logs, and screenshots. Treat autoFix as a misleadingly named analysis option in this version, and review any suggested fixes manually.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The client hardcodes a default token value of 'admin' and then suppresses authentication when that default is present, creating insecure-by-default behavior and ambiguous auth semantics. In practice this can cause unintended unauthenticated requests to a SonarQube instance, and if combined with the default HTTP host, may expose project metadata over an unencrypted local or proxied connection.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README includes concrete authentication-token configuration examples and later documents a default token value of `admin`, but it does not warn users not to commit real credentials or store them insecurely. In an AI-agent/plugin context, users often copy-paste config blocks directly into persistent files, increasing the chance of accidental secret exposure in repositories, logs, screenshots, or shared configs.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The skill documentation explicitly includes a concrete authentication credential example (`SONAR_TOKEN=admin`) and presents it as environment configuration without any warning that the token is sensitive. Even if intended as an example, this normalizes hardcoded/default credentials and can lead users to deploy insecure configurations or leak real secrets through logs, screenshots, or checked-in config files.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises an `autoFix` capability that can apply corrections automatically, but it does not warn users that enabling it may modify project files or create unintended code changes. In a codebase-integrated workflow, this can cause integrity issues, accidental breakage, or unsafe automated edits if the user assumes the action is read-only.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The manifest exposes an `autoFix` capability that may modify source code or project files, but it does not warn users about file-changing behavior or require explicit confirmation semantics in the manifest. In a code-analysis/CI context, silent or poorly signposted modification features can lead to unintended code changes, unsafe automated edits, or misuse in pipelines where users expect read-only analysis.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal