Codemend

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its stated error-monitoring purpose, but it ships an executable helper that contacts an unexpected AutoHeal domain (autohealai.com), and it under-explains that production error data is shared with a third party on an ongoing basis.

Review before installing. Do not run scripts/check-errors.sh until the publisher explains or fixes the mismatch between the Codemend skill and the AutoHeal domain (autohealai.com) and AUTOHEAL_API_KEY environment variable the script uses. If you do use Codemend, treat the API key as a secret, review what error data leaves your app, redact sensitive stack traces and URLs, and do not enable automatic production capture until the privacy and compliance requirements are understood.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Severity: Low (90% confidence)
The documentation advertises a `check_status` capability that is not declared in the manifest tools list, creating a mismatch between the stated interface and the actual exposed tools. This can mislead downstream agents or users into invoking an unavailable action, causing unsafe fallback behavior, broken workflows, or incorrect assumptions about polling/status handling.
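
The two static checks that produce the overview's helper-script concern and the finding above can be run before anything is installed: compare the capabilities the docs tell a user or agent to call against the manifest's declared tools, and compare the hostnames and environment variables a helper script reaches for against the publisher's own. The following is an added example, not SkillSpector's or Codemend's code. The manifest, README text and shell snippet are constructed samples shaped like this page's findings, and the publisher domain `codemend.com` and env-var prefix `CODEMEND_` are assumptions that the page does not state; substitute what the publisher actually documents.

```javascript
// Added example: static pre-install review of a skill package.
// Not SkillSpector's or Codemend's code; every input below is a constructed sample.

// Assumption: the publisher's own domain and env-var prefix (not stated on the page).
const PUBLISHER_DOMAINS = ["codemend.com"];
const PUBLISHER_ENV_PREFIX = "CODEMEND_";

// Constructed manifest, docs and helper script mirroring the reported mismatch.
const SAMPLE_MANIFEST = { name: "codemend", tools: [{ name: "report_error" }, { name: "list_errors" }] };
const SAMPLE_README = [
  "Use report_error to send an exception and list_errors to browse recent events.",
  "Call check_status to poll whether a fix has landed.",
].join("\n");
const SAMPLE_SCRIPT = [
  "#!/bin/sh",
  "# constructed stand-in for scripts/check-errors.sh",
  'curl -sf -H "Authorization: Bearer $AUTOHEAL_API_KEY" https://api.autohealai.com/v1/errors',
].join("\n");

// snake_case identifiers the docs tell a user or agent to call.
function documentedCapabilities(readme) {
  return new Set(readme.match(/\b[a-z]+(?:_[a-z]+)+\b/g) || []);
}

// Capabilities advertised in the docs but absent from the manifest (Intent-Code Divergence).
function intentCodeDivergence(manifest, readme) {
  const declared = new Set(manifest.tools.map((t) => t.name));
  return [...documentedCapabilities(readme)].filter((c) => !declared.has(c)).sort();
}

// Hostnames and environment variables a shell helper references.
function scriptExternals(script) {
  const hosts = [...script.matchAll(/https?:\/\/([A-Za-z0-9.-]+)/g)].map((m) => m[1].toLowerCase());
  const envs = [...script.matchAll(/\$\{?([A-Z][A-Z0-9_]+)\}?/g)].map((m) => m[1]);
  return { hosts: [...new Set(hosts)], envs: [...new Set(envs)] };
}

// Anything the helper contacts or reads that does not belong to the publisher.
function unexpectedExternals(script) {
  const { hosts, envs } = scriptExternals(script);
  const trusted = (h) => PUBLISHER_DOMAINS.some((d) => h === d || h.endsWith("." + d));
  return {
    hosts: hosts.filter((h) => !trusted(h)),
    envs: envs.filter((e) => !e.startsWith(PUBLISHER_ENV_PREFIX)),
  };
}

console.log("undeclared capabilities:", intentCodeDivergence(SAMPLE_MANIFEST, SAMPLE_README));
console.log("unexpected externals:", unexpectedExternals(SAMPLE_SCRIPT));
```

Run it against the real package by reading the manifest, README and scripts from disk in place of the constructed samples. A non-empty result from either function is the cue to ask the publisher for an explanation before installing, which is exactly the hold this page recommends for scripts/check-errors.sh.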

Missing User Warnings

Severity: Medium (95% confidence)
The skill instructs users to transmit production error messages, stack traces, and source URLs to a third-party service without warning that these payloads may contain sensitive data such as secrets, internal paths, tokens, user identifiers, or private endpoints. In a security context, undisclosed off-platform transfer of operational telemetry increases the risk of unintended data exposure and noncompliant handling of production information.

Missing User Warnings

Severity: Medium (97% confidence)
The browser setup instructs users to embed a remote script that automatically captures client-side errors and sends them to Codemend, but it does not clearly warn that application telemetry will leave the platform. Browser errors can contain sensitive URLs, page state, identifiers, and user-generated data, so silent instrumentation materially raises privacy and supply-chain risk.

Missing User Warnings

Severity: Medium (97% confidence)
The backend examples enable process-wide and framework-level error handlers that will automatically forward server-side exception data to a third party without any caution about sensitive content. Server errors commonly include secrets, file paths, SQL fragments, internal service names, and customer data, making automatic transmission particularly risky in production.
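
The three telemetry findings share one remedy: scrub the payload before any handler hands it to a third party, and forward only an allowlisted set of fields. The following is an added example, not Codemend's SDK or any code from the original page. The redaction patterns, the sample error, its stack frame and the request context are all constructed, and the `send` callback stands in for whatever transport the vendor's SDK uses.

```javascript
// Added example: scrub an error payload before a process-wide handler forwards
// it to a third-party error service. Not Codemend's SDK; the error, request
// context and secret-shaped values below are constructed samples.

// Ordered (regex, replacement) pairs. Query-string credentials go first so the
// whole parameter value disappears regardless of its shape.
const PATTERNS = [
  [/(?<=[?&](?:token|key|api_key|password|secret)=)[^&\s]+/gi, "[REDACTED]"],
  [/\b(?:sk_(?:live|test)_|AKIA|ghp_)[A-Za-z0-9]{12,}/g, "[REDACTED_KEY]"],
  [/Bearer\s+[A-Za-z0-9._~+\/=-]{8,}/g, "Bearer [REDACTED]"],
  [/[\w.+-]+@[\w-]+\.[\w.]+/g, "[REDACTED_EMAIL]"],
  [/\/home\/[^\/\s]+|\/Users\/[^\/\s]+/g, "/<HOME>"], // collapse user home dirs in stack frames
];

// Header and field names whose values are dropped outright.
const SENSITIVE_KEYS = /^(authorization|cookie|set-cookie|x-api-key|password|token|secret)$/i;

function scrubString(s) {
  return PATTERNS.reduce((acc, [re, rep]) => acc.replace(re, rep), s);
}

// Walks strings, arrays and plain objects; other values pass through untouched.
function scrub(value, depth = 0) {
  if (depth > 8) return "[TRUNCATED]";
  if (typeof value === "string") return scrubString(value);
  if (Array.isArray(value)) return value.map((v) => scrub(v, depth + 1));
  if (value && typeof value === "object") {
    const out = {};
    for (const [k, v] of Object.entries(value)) {
      out[k] = SENSITIVE_KEYS.test(k) ? "[REDACTED]" : scrub(v, depth + 1);
    }
    return out;
  }
  return value;
}

// The payload a server-side handler would forward, after scrubbing. Only the
// fields listed here are sent: never process.env, never the raw request body.
function buildPayload(err, context = {}) {
  return scrub({
    message: err.message,
    stack: err.stack,
    url: context.url,
    headers: context.headers,
  });
}

// Process-wide capture with the scrub applied before `send` sees anything.
function installHandler(send) {
  process.on("uncaughtException", (err) => send(buildPayload(err)));
  process.on("unhandledRejection", (reason) =>
    send(buildPayload(reason instanceof Error ? reason : new Error(String(reason))))
  );
}

// Constructed sample: message, stack frame and request context each carry
// something that must not leave the platform.
const SAMPLE_ERROR = new Error(
  "Upstream 502 from https://billing.internal.example/charge?api_key=sk_live_4eC39HqLyjWDarjtT1zdp7dc " +
  "for alice@example.com; rotation failed for AKIAIOSFODNN7EXAMPLE"
);
SAMPLE_ERROR.stack = [
  "Error: " + SAMPLE_ERROR.message,
  "    at charge (/home/alice/app/src/billing.js:42:11)",
].join("\n");
const SAMPLE_CONTEXT = {
  url: "https://app.example/reset?password=hunter2",
  headers: { authorization: "Bearer eyJhbGciOiJIUzI1NiJ9.e30.abc", "x-request-id": "r-1" },
};

console.log(JSON.stringify(buildPayload(SAMPLE_ERROR, SAMPLE_CONTEXT), null, 2));
```

Pattern-based redaction is a floor, not a guarantee: it catches the credential shapes you anticipated and nothing else. The allowlist in buildPayload does the heavier lifting, because a field that is never copied cannot leak. Before enabling automatic production capture, run the scrub over a sample of real captured errors and inspect what survives, and do the same review for the browser snippet, where page URLs and user-supplied form state are the usual carriers.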

VirusTotal

64/64 vendors flagged this skill as clean.