Pingcode Timelogger

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it asks users to store powerful PingCode session cookies and optional Git tokens in local plaintext files without enough safety guidance.

Install only if you are comfortable giving the skill access to your PingCode session and optional Git commit history. Store cookie and token files with restrictive permissions, do not commit or share them, use the narrowest Git token scopes available, and review the full task plan before approving any PingCode changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README tells users to export and persist all PingCode cookies to a local file, but does not warn that these cookies are effectively session credentials. If the file is exposed through weak filesystem permissions, backups, logs, or accidental commit/upload, an attacker could reuse the session to access the user's PingCode account and project data.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The README instructs users to create a plaintext Git token file but does not explain that the token grants repository access and must be handled like a password. This increases the chance of token leakage via permissive file permissions, shell history, backups, or accidental inclusion in source control, which could expose private repository contents or enable API abuse depending on token scope.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
The skill advertises broad trigger phrases such as "log hours" and "fill timesheet," which are generic enough to match normal conversation and cause unintended activation. Because this skill can create work items and submit timesheet entries, accidental invocation could lead to unauthorized or mistaken modifications in PingCode.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The setup instructs users to store and read PingCode cookies and Git tokens from local files, but it does not clearly warn that these are highly sensitive credentials with account-level access. In a skill context, this can normalize unsafe secret handling and increase the risk of credential exposure, reuse, or accidental disclosure through logs, prompts, or filesystem access.

VirusTotal

63/63 vendors flagged this skill as clean.
