ClawHub

Mowenskill Clean

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Mowen publishing skill, but users should treat it as able to post/edit notes and upload selected images to Mowen.

Install only if you intend to let the agent publish or edit Mowen notes using your API key. Prefer MOWEN_API_KEY over passing the key on the command line, confirm the exact note content, note ID, publication status, privacy setting, and every image before running it, and do not provide sensitive local files or private/internal URLs unless you mean to send them to Mowen.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill states that local file paths and remote image URLs are uploaded automatically, but it does not clearly warn users that specifying a local path causes that file to be transmitted to the external Mowen API. This can lead to unintended exfiltration of sensitive local images or metadata, especially in an agent context where users may not understand that 'automatic handling' means outbound upload.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The documentation says the API key can be passed via the '--api-key' argument without warning that command-line arguments may be exposed through shell history, process listings, logs, or telemetry. This increases the risk of accidental credential disclosure on multi-user systems or monitored environments.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation describes a remote upload API that causes the Mowen service to fetch a user-supplied URL, but it does not clearly warn that this discloses the URL and request metadata to a third party. In an agent skill context, users may provide private, signed, intranet, or otherwise sensitive links, and the agent could submit them without the user understanding that an external service—not just the agent—will access them.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script forwards user-supplied remote image URLs to the external Mowen API for server-side fetching. This can disclose sensitive or internal-only URLs to a third party and may trigger unwanted network access from the provider side; in an agent context, users may not realize that supplying a URL causes external retrieval beyond the local tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal