ClawHub

guanyuan data

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real GuanYuan data export tool, but it stores and accepts account tokens in ways users should review carefully.

Install only if you trust this tool with GuanYuan account access and exported business data. Prefer a least-privileged account or short-lived token, avoid passing tokens as command-line arguments, restrict permissions on ~/.guanyuan/config.json and ~/.guanyuan/user.token, verify the API baseUrl before login, and save exports only to private approved locations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation instructs users to place credentials and tokens in configuration and token files, but does not give a prominent warning about secret handling, file permissions, shell history leakage, or accidental disclosure. In practice, this increases the chance that API passwords or bearer tokens are exposed through insecure storage, copied commands, logs, backups, or screenshots.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill documents CSV export with an output file path while only later noting that existing files are overwritten without warning. Silent overwrite behavior can destroy local data or clobber sensitive files if a user supplies an unintended path, making this a real safety issue in the context of file-writing tooling.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README explicitly instructs users to place a password in plaintext in ~/.guanyuan/config.json and states that the token will be stored locally in ~/.guanyuan/user.token, but provides no guidance on file permissions, encryption, or secure secret handling. This creates a realistic credential exposure risk on shared systems, in backups, or through accidental disclosure of home-directory files.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation encourages exporting card data and metadata to local CSV/JSON files without warning that these outputs may contain sensitive business, operational, or personal data. Users may write files to insecure locations, commit them to source control, or share them without realizing the sensitivity of both the data and accompanying metadata.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The interactive token prompt uses readline with standard output enabled, so the secret is echoed visibly as the user types. This can expose API tokens to shoulder surfing, terminal recording, screen sharing, or shell session capture, which is especially risky because the token grants authenticated access to Guanyuan data APIs.

Session Persistence

Medium
Category
Rogue Agent
Content
创建配置文件 `~/.guanyuan/config.json`:

```bash
mkdir -p ~/.guanyuan
cat > ~/.guanyuan/config.json << 'EOF'
{
  "baseUrl": "https://your-guanyuan-domain.com",
Confidence
95% confidence
Finding
mkdir -p ~/.guanyuan cat > ~/.guanyuan/config.json << 'EOF' { "baseUrl": "https://your-guanyuan-domain.com", "domain": "your-domain", "loginId": "your-login-id", "password": "your-password" }

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal