Yarn - Control and Access Threads.com via the CLI

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for Threads automation, but it needs review because it can use browser/session credentials and publish from the user’s account without strong safety scoping.

Install only if you are comfortable letting the underlying CLI use your Threads browser session or cookies and potentially publish from your account. Treat session IDs, CSRF tokens, and user IDs like passwords, avoid passing them in visible command lines or chats, and require explicit confirmation before any post, reply, or quote command is run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 91%

Finding
The skill explicitly instructs users to obtain manual session tokens from browser cookies, which are sensitive authentication credentials equivalent to account access. Without strong warnings about secrecy, storage, redaction, and least-privilege handling, users may expose tokens in terminals, logs, screenshots, chat transcripts, or copied command history, leading to account compromise.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding
The documentation explicitly exposes support for passing raw authentication cookies (`sessionid`, `csrftoken`, `ds_user_id`) on the command line without any warning about credential sensitivity or safer alternatives. CLI arguments are commonly exposed via shell history, process listings, logs, and agent telemetry, so this can lead to accidental credential disclosure and account takeover if copied, logged, or inspected.

VirusTotal

66/66 vendors flagged this skill as clean.