critical
suspicious.env_credential_access
- Location
- scripts/lib.mjs:2
- Finding
- Environment variable access combined with network send.
Overseerr
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.env_credential_access
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI03: Identity and Privilege AbuseWhat this means
Anyone or any agent action using this skill can act through the configured Overseerr API key, including viewing request data and creating media requests.
Why it was flagged
The skill uses an Overseerr API key for authenticated API calls. This is expected for the integration, but the key grants whatever Overseerr permissions are associated with it.
Skill content
const apiKey = requiredEnv('OVERSEERR_API_KEY'); ... headers = { 'X-Api-Key': apiKey, Accept: 'application/json' }Recommendation
Use an API key with only the permissions you are comfortable delegating, keep OVERSEERR_URL pointed at your trusted instance, and rotate the key if it may have been exposed.
NoteHigh Confidence
ASI02: Tool Misuse and ExploitationWhat this means
A mistaken or ambiguous request could add an unintended movie or TV show request to the Overseerr server.
Why it was flagged
The request script creates a new Overseerr request and automatically uses the first search result. This matches the stated purpose, but it is a state-changing action and could request the wrong title if the search result is ambiguous.
Skill content
const chosen = candidates[0]; ... const created = await overseerrFetch('/request', { method: 'POST', body });Recommendation
Use search first for ambiguous titles, review the result, and avoid allowing the agent to create requests unless the intended title and type are clear.
NoteHigh Confidence
ASI10: Rogue AgentsWhat this means
If started, the monitor will continue polling the Overseerr API and printing request updates until the process is stopped.
Why it was flagged
The monitor command is a continuous polling loop. It is documented as monitoring behavior and is not automatically started, but it will keep running until stopped.
Skill content
while (true) { ... await new Promise((r) => setTimeout(r, intervalSec * 1000)); }Recommendation
Run the monitor only when you want continuous status updates, choose a reasonable interval, and stop the process when monitoring is no longer needed.