LastPass CLI Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for LastPass automation, but it can expose vault secrets directly to the agent and to command output without adequate safeguards for handling them.

Install only if you explicitly want an agent to retrieve LastPass secrets through lpass. Treat all outputs from this skill as sensitive: avoid broad raw or notes retrieval, do not paste results into unrelated tools, and assume returned secrets may appear in terminal output, transcripts, logs, or agent context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings (Medium, 93% confidence)

Finding
The skill explicitly enables retrieval of passwords, usernames, notes, and raw vault data from a local LastPass vault for use in automation, but it does not warn users that invoking the tool can expose highly sensitive secrets into agent context, logs, downstream tools, or prompts. In an automation setting, this omission materially increases the risk of accidental secret disclosure because users may not realize that fetched credentials can persist beyond the immediate task.

Missing User Warnings (Medium, 95% confidence)

Finding
The script directly prints secrets from LastPass to stdout, which can expose credentials to terminal scrollback, shell history-adjacent workflows, logs, parent processes, or calling agents that capture command output. In an agent skill context, this is more dangerous because stdout is commonly consumed programmatically and may be persisted or forwarded without the user's awareness.

VirusTotal

64/64 vendors flagged this skill as clean.