ClawHub

AutoHeal AI

Security checks across malware telemetry and agentic risk

Overview

This skill’s error-reporting purpose is coherent, but it asks users to send raw production errors to a third-party service and appears to expose an API key in browser code.

Review this before installing in production. Use a server-side proxy or scoped ingestion token instead of putting any long-lived API key in browser code, and add redaction for tokens, URLs, headers, request bodies, customer data, and internal paths before sending errors to autohealai.com.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
78% confidence
Finding
The skill includes shell/curl usage and networked setup steps but declares no corresponding permissions or capability disclosures. This undermines informed consent and makes it easier for users or platforms to run a skill that performs network operations without clear declaration of what it can do.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs users to send production error messages, stack traces, source URLs, and browser user-agent data to an external service without any privacy warning or data-minimization guidance. Production errors frequently contain secrets, tokens, internal paths, query strings, PII, or customer data, so silent exfiltration to a third party is risky.

Missing User Warnings

High
Confidence
99% confidence
Finding
The browser snippet embeds `process.env.AUTOHEAL_API_KEY || "YOUR_API_KEY"` into client-side code and transmits it in requests from the browser. Any browser-exposed API key can be extracted by end users, extensions, or attackers and then abused to submit data, read associated resources, or consume paid service quota.

External Transmission

Medium
Category
Data Exfiltration
Content
```html
<script>
window.onerror = function(msg, source, line, col, err) {
  fetch("https://autohealai.com/api/errors/ingest", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
Confidence
95% confidence
Finding
fetch("https://autohealai.com/api/errors/ingest", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
window.onunhandledrejection = function(e) {
  const err = e.reason;
  fetch("https://autohealai.com/api/errors/ingest", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
Confidence
95% confidence
Finding
fetch("https://autohealai.com/api/errors/ingest", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
```javascript
process.on('uncaughtException', (err) => {
  fetch("https://autohealai.com/api/errors/ingest", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
Confidence
89% confidence
Finding
fetch("https://autohealai.com/api/errors/ingest", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
process.on('unhandledRejection', (reason) => {
  const err = reason instanceof Error ? reason : new Error(String(reason));
  fetch("https://autohealai.com/api/errors/ingest", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
Confidence
89% confidence
Finding
fetch("https://autohealai.com/api/errors/ingest", { method: "POST"

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal