Api Workbench

Security checks across malware telemetry and agentic risk

Overview

API Workbench is a coherent API debugging skill, but it handles credentials and automatically persists request metadata with weaker redaction and user control than its security claims imply.

Install only if you are comfortable with an API tool that may send credentials to endpoints you specify and save request history locally. Avoid using it with production tokens, sensitive query parameters, cookies, or private response bodies unless you first verify history redaction, clear saved history, and review generated docs/curl output before sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding
The module claims sensitive fields are sanitized, but the implementation stores the first 8 characters of secrets such as Authorization headers and API keys. Partial secret disclosure can still leak token prefixes, formats, issuer hints, or enough material to aid correlation and targeted attacks, especially when written to persistent local history.
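The following is an added example, not code from the API Workbench skill. It contrasts the "keep the first 8 characters" sanitisation the finding describes with full masking, and shows what a retained prefix still gives away: the header names, the sample values and the issuer table are constructed for this illustration (the prefixes themselves are publicly documented vendor formats).

```python
"""Added example, not code from the API Workbench skill: it contrasts the
"keep the first 8 characters" sanitisation the finding describes with full
masking and shows what a retained prefix still gives away. The header names,
sample values and issuer table are constructed for this illustration."""

from typing import Callable, Dict, Optional, Tuple

# Constructed, non-functional credentials in the shapes a workbench would see.
SAMPLE_SECRETS = {
    "X-Api-Key": "AKIAIOSFODNN7EXAMPLE",                 # AWS docs example key ID
    "X-Slack-Token": "xoxb-0000000000-000000000000-FAKEFAKEFAKEFAKE",
    "Authorization": "Bearer ghp_0123456789abcdefghijklmnopqrstuvwxyz01",
}

# Publicly documented vendor prefixes; every one of them fits in 8 characters.
ISSUER_PREFIXES = [
    ("AKIA", "AWS access key ID"),
    ("xoxb-", "Slack bot token"),
    ("ghp_", "GitHub personal access token"),
    ("Bearer ", "bearer token (scheme revealed, not the issuer)"),
]


def weak_redact(value: str, keep: int = 8) -> str:
    """Mirrors the finding: the first `keep` characters survive sanitisation."""
    return value[:keep] + "..." if len(value) > keep else value


def full_redact(value: str) -> str:
    """What a sanitiser should do instead: nothing about the value survives."""
    return "[REDACTED]"


def issuer_from_prefix(stored: str) -> Optional[str]:
    """Infer what kind of credential a stored fragment came from."""
    for prefix, issuer in ISSUER_PREFIXES:
        if stored.startswith(prefix):
            return issuer
    return None


def leakage_report(secrets: Dict[str, str],
                   redactor: Callable[[str], str]) -> Dict[str, Tuple[str, Optional[str]]]:
    """For each header: what would be written to history, and what it reveals."""
    return {name: (redactor(value), issuer_from_prefix(redactor(value)))
            for name, value in secrets.items()}


if __name__ == "__main__":
    for label, redactor in (("first-8", weak_redact), ("full", full_redact)):
        print(label)
        for name, (stored, issuer) in leakage_report(SAMPLE_SECRETS, redactor).items():
            print(f"  {name}: {stored!r} -> {issuer}")
```

The retained prefix is also stable across every saved request made with the same key, so a history file built with `weak_redact` lets a reader link entries to one credential even without recovering it; `full_redact` gives them nothing to match on.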

Context-Inappropriate Capability

Severity: Medium
Confidence: 88%
Finding
The module adds implicit environment variable expansion, which allows request data to pull secrets such as API keys or tokens from the host process environment. In an API workbench context, those resolved values can then be inserted into outbound requests or logs, creating a real secret-exposure path beyond simple variable interpolation.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
Automatically saving request history without a prominent warning is risky for an API tool because requests frequently contain URLs, headers, payloads, identifiers, and operational metadata. Even if tokens/passwords are intended to be excluded, sensitive query parameters, request bodies, or endpoint patterns may still be retained on disk and later exposed to other local users or processes.

Missing User Warnings

Severity: Low
Confidence: 80%
Finding
The parser extracts Basic Auth credentials into structured fields and reconstructs them into a curl command, so the secret can surface in logs, console output, history, telemetry, or downstream displays whenever the parsed object or the rebuilt command is shown to users. Handling credentials is expected of an API debugging tool, but doing so without redaction or a warning raises the chance of accidental secret disclosure.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The function generates Markdown that includes a reconstructed full curl command and may also include full JSON response bodies. In an API debugging/documentation tool, those artifacts can contain sensitive headers, tokens, cookies, query parameters, PII, or internal endpoint details, so exporting them to docs without masking or an explicit warning creates a real information disclosure risk.
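The following is an added example, not the skill's own code, covering the two findings above (Basic Auth parsed and rebuilt into curl, and the Markdown export that embeds a full curl command and response body). It parses a curl command into fields, reconstructs it with the credentials, sensitive headers and secret-looking query parameters masked, and exports Markdown whose response body is masked under secret-looking keys. The sample command, the response, the header and parameter heuristics, and all function names are assumptions made for the illustration.

```python
"""Added example, not the API Workbench skill's code: parse a curl command,
rebuild it with secrets masked, and export Markdown with a masked response.
The sample request/response and the sensitivity heuristics are constructed."""

import json
import re
import shlex
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

MASK = "[REDACTED]"
SENSITIVE_HEADERS = {"authorization", "cookie", "x-api-key", "proxy-authorization"}
# Deliberately broad substring heuristic for parameter and JSON key names.
SENSITIVE_KEY = re.compile(r"token|key|secret|password|passwd|signature|sig", re.I)

# Constructed sample; the credentials and key are fake.
SAMPLE_CURL = (
    "curl -X POST -u alice:hunter2 "
    "-H 'Authorization: Bearer ghp_fakefakefake' "
    "-H 'Content-Type: application/json' "
    "-d '{\"q\": 1}' "
    "'https://api.example.com/v1/items?api_key=abc123&page=2'"
)
SAMPLE_RESPONSE = {"user": {"id": 7, "session_token": "s3cr3t"}, "items": [{"name": "a"}]}


def parse_curl(command: str) -> dict:
    """Minimal curl parser: -X, -H, -u, -d/--data and the URL."""
    argv = shlex.split(command)
    req = {"method": "GET", "headers": {}, "basic_auth": None, "data": None, "url": None}
    i = 1  # skip the 'curl' word itself
    while i < len(argv):
        arg = argv[i]
        if arg in ("-X", "--request"):
            req["method"] = argv[i + 1]; i += 2
        elif arg in ("-H", "--header"):
            name, _, value = argv[i + 1].partition(":")
            req["headers"][name.strip()] = value.strip(); i += 2
        elif arg in ("-u", "--user"):
            user, _, password = argv[i + 1].partition(":")
            req["basic_auth"] = (user, password); i += 2
        elif arg in ("-d", "--data", "--data-raw"):
            req["data"] = argv[i + 1]; i += 2
            if req["method"] == "GET":
                req["method"] = "POST"  # curl switches to POST when data is given
        else:
            req["url"] = arg; i += 1
    return req


def mask_body(obj):
    """Recursively mask values stored under secret-looking keys."""
    if isinstance(obj, dict):
        return {k: (MASK if SENSITIVE_KEY.search(k) else mask_body(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [mask_body(x) for x in obj]
    return obj


def redact_url(url: str) -> str:
    parts = urlsplit(url)
    query = [(k, MASK if SENSITIVE_KEY.search(k) else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query, safe="[]")))


def redact_request(req: dict) -> dict:
    """A copy that is safe to display, log, persist or export."""
    safe = json.loads(json.dumps(req))  # deep copy; tuples become lists
    safe["url"] = redact_url(req["url"]) if req["url"] else None
    safe["headers"] = {k: (MASK if k.lower() in SENSITIVE_HEADERS else v)
                       for k, v in req["headers"].items()}
    if req["basic_auth"]:
        safe["basic_auth"] = [req["basic_auth"][0], MASK]  # keep only the username
    if req["data"]:
        try:
            safe["data"] = json.dumps(mask_body(json.loads(req["data"])))
        except ValueError:
            pass  # non-JSON bodies are left untouched in this example
    return safe


def to_curl(req: dict) -> str:
    """Rebuild a curl command; call on redact_request(...) output before showing it."""
    parts = ["curl", "-X", req["method"]]
    if req["basic_auth"]:
        parts += ["-u", f"{req['basic_auth'][0]}:{req['basic_auth'][1]}"]
    for name, value in req["headers"].items():
        parts += ["-H", f"{name}: {value}"]
    if req["data"] is not None:
        parts += ["-d", req["data"]]
    parts.append(req["url"])
    return " ".join(shlex.quote(p) for p in parts)


def export_markdown(req: dict, response: dict) -> str:
    """Markdown doc with a redacted curl command and a masked response body."""
    return "\n".join(["## Request", "```bash", to_curl(redact_request(req)), "```",
                      "## Response", "```json",
                      json.dumps(mask_body(response), indent=2), "```"])


if __name__ == "__main__":
    print(export_markdown(parse_curl(SAMPLE_CURL), SAMPLE_RESPONSE))
```

The point of `redact_request` is that the structured object, the rebuilt curl line and the exported document are all derived from the same redacted copy, so there is no path by which the raw `-u` password or the `Authorization` value reaches a display surface; the key-name heuristic is intentionally broad and will over-mask (for example a field called `monkey`), which is the right failure direction for a history or documentation export.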

Missing User Warnings

Severity: Medium
Confidence: 83%
Finding
Request URLs and headers are written to a predictable file in the user's home directory, which can expose API endpoints, query parameters, usernames, and non-redacted header values to other local processes, backups, or shared accounts. In an API debugging tool, requests often contain highly sensitive operational and credential-adjacent data, making local persistence a meaningful privacy and security risk.
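The following is an added example, not the skill's own code; it is the check a user would run before trusting the saved history described in this finding and in the earlier one on automatic history saving. It audits a persisted history file for world-readable permissions, unmasked sensitive headers, secret-looking query parameters and credential-shaped strings, and creates a replacement file that only the owner can read. The JSON-lines layout, the file names and the entry fields are assumptions; the skill's real history format and path are not known from this page.

```python
"""Added example, not the API Workbench skill's code: audit a persisted
request-history file of the kind the finding describes, and create one the
safer way. The JSON-lines layout ("url" and "headers" per line), the file
names and the sample entries are constructed for this illustration."""

import json
import os
import re
import stat
import tempfile
from urllib.parse import parse_qsl, urlsplit

MASK = "[REDACTED]"
SENSITIVE_HEADERS = {"authorization", "cookie", "x-api-key", "proxy-authorization"}
SENSITIVE_PARAM = re.compile(r"token|key|secret|password|sig", re.I)
# Publicly documented credential shapes, enough to catch the obvious leaks.
TOKEN_SHAPES = re.compile(r"AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}|xox[abp]-[A-Za-z0-9-]{10,}")

# Constructed sample history: the first entry leaks, the second was masked.
SAMPLE_ENTRIES = [
    {"url": "https://api.example.com/v1/me?api_key=abc123",
     "headers": {"Authorization": "Bearer ghp_" + "a" * 36, "Accept": "application/json"}},
    {"url": "https://api.example.com/v1/me?api_key=" + MASK,
     "headers": {"Authorization": MASK, "Accept": "application/json"}},
]


def audit_entry(entry: dict) -> list:
    """List the ways one saved request still exposes sensitive data."""
    problems = []
    for name, value in entry.get("headers", {}).items():
        if name.lower() in SENSITIVE_HEADERS and value != MASK:
            problems.append(f"header {name} stored unmasked")
    for key, value in parse_qsl(urlsplit(entry.get("url", "")).query):
        if SENSITIVE_PARAM.search(key) and value != MASK:
            problems.append(f"query parameter {key} stored unmasked")
    if TOKEN_SHAPES.search(json.dumps(entry)):
        problems.append("credential-shaped string present")
    return problems


def audit_history_file(path: str) -> dict:
    """Check file permissions and every entry of a JSON-lines history file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    report = {"mode_ok": (mode & 0o077) == 0, "entries": []}  # no group/other bits
    with open(path, encoding="utf-8") as fh:
        for lineno, line in enumerate(fh, 1):
            if line.strip():
                report["entries"].append((lineno, audit_entry(json.loads(line))))
    return report


def create_private_history(path: str) -> None:
    """Create the history file readable by its owner only, whatever the umask."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    os.close(fd)
    os.chmod(path, 0o600)


def demo() -> dict:
    """Write the constructed sample with group/other read bits, audit it, then
    show that a freshly created private file passes the permission check."""
    with tempfile.TemporaryDirectory() as tmp:
        leaky = os.path.join(tmp, "history.jsonl")
        with open(leaky, "w", encoding="utf-8") as fh:
            for entry in SAMPLE_ENTRIES:
                fh.write(json.dumps(entry) + "\n")
        os.chmod(leaky, 0o644)
        leaky_report = audit_history_file(leaky)
        private = os.path.join(tmp, "history-private.jsonl")
        create_private_history(private)
        private_report = audit_history_file(private)
    return {"leaky": leaky_report, "private": private_report}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run `audit_history_file` against the tool's real history file once you have located it; a non-empty problem list for any entry, or `mode_ok` false, means the file should be cleared before the machine is shared, backed up, or handed to another process.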

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding
The code reads arbitrary environment variables without any warning, audit trail, or user-facing indication that local credentials may be accessed. In a debugging tool that constructs HTTP requests, this increases the chance that users unknowingly transmit sensitive host secrets to remote APIs.
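The following is an added example, not the skill's code, covering this finding and the earlier Context-Inappropriate Capability finding on implicit environment variable expansion. It shows an unconditional "${VAR}" expansion next to an explicit, allow-listed variant that records every read and leaves unresolved placeholders visible, plus a pre-send check that reports which secret-looking environment values ended up in the request. The placeholder syntax, the template, the fake environment and the function names are assumptions; nothing here is taken from the skill's implementation.

```python
"""Added example, not the API Workbench skill's code: implicit "${VAR}"
expansion next to an explicit, allow-listed, audited variant, plus a pre-send
check for host secrets in the resolved request. The placeholder syntax,
template, fake environment and function names are all assumed."""

import json
import re
from typing import List, Set

VAR = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)\}")
SECRET_NAME = re.compile(r"SECRET|TOKEN|KEY|PASSWORD", re.I)

# Constructed host environment; the values are fake.
FAKE_ENV = {
    "API_BASE": "https://api.example.com",
    "AWS_SECRET_ACCESS_KEY": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "GITHUB_TOKEN": "ghp_" + "x" * 36,
}

# A request template as a user, or an injected instruction, might supply it.
TEMPLATE = {
    "url": "${API_BASE}/v1/echo",
    "headers": {"X-Debug": "${AWS_SECRET_ACCESS_KEY}"},
    "body": "token=${GITHUB_TOKEN}",
}


def expand_implicit(value, env):
    """Unconditional expansion: any ${NAME} anywhere resolves from the environment."""
    if isinstance(value, dict):
        return {k: expand_implicit(v, env) for k, v in value.items()}
    return VAR.sub(lambda m: env.get(m.group(1), m.group(0)), value)


def expand_explicit(value, env, allow: Set[str], audit: List[str]):
    """Resolve only allow-listed names and log each decision; anything else is
    left as the literal placeholder so the user can see it was not resolved."""
    def replace(m):
        name = m.group(1)
        if name not in allow or name not in env:
            audit.append(f"refused {name}")
            return m.group(0)
        audit.append(f"read {name}")
        return env[name]
    if isinstance(value, dict):
        return {k: expand_explicit(v, env, allow, audit) for k, v in value.items()}
    return VAR.sub(replace, value)


def leaked_env_values(request, env) -> List[str]:
    """Names of secret-looking environment variables whose value appears in the
    request about to be sent; a tool should warn, or refuse, when non-empty."""
    blob = json.dumps(request)
    return sorted(name for name, val in env.items()
                  if SECRET_NAME.search(name) and len(val) >= 8 and val in blob)


if __name__ == "__main__":
    implicit = expand_implicit(TEMPLATE, FAKE_ENV)
    print("implicit expansion leaks:", leaked_env_values(implicit, FAKE_ENV))
    audit: List[str] = []
    explicit = expand_explicit(TEMPLATE, FAKE_ENV, {"API_BASE"}, audit)
    print("explicit expansion leaks:", leaked_env_values(explicit, FAKE_ENV))
    print("audit trail:", audit)
```

The allow-list is the control that matters: with implicit expansion a single `${AWS_SECRET_ACCESS_KEY}` in a pasted request, or in text the agent was fed, is enough to ship the host secret to whatever endpoint the URL names, while the explicit form leaves it as a visible placeholder and writes a refusal into the audit trail. `leaked_env_values` is the last-line check for a tool that must expand variables anyway.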

VirusTotal

65/65 vendors flagged this skill as clean.
