ClawHub

Fortigate Configuration Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to automate FortiGate firewall configuration as advertised, but it uses privileged firewall access with risky defaults and can make broad persistent network changes without clear safeguards.

Review before installing. Use only a least-privilege FortiGate API token, keep it in protected secret storage, set FORTIGATE_VERIFY_SSL=true with a valid certificate, and test against a non-production device first. Treat add, update, delete, configure-icond, and industrial policy actions as production firewall changes that should be manually reviewed before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation instructs users to set FORTIGATE_TOKEN but does not clearly warn that it is a highly sensitive secret that must be stored, masked, and handled securely. Because this skill administers a firewall and potentially ICS-related protections, poor credential hygiene could expose administrative access to a security-critical device and enable unauthorized policy changes.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.25.1
tabulate>=0.8.9
Confidence
95% confidence
Finding
requests>=2.25.1

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.25.1
tabulate>=0.8.9
Confidence
89% confidence
Finding
tabulate>=0.8.9

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
97% confidence
Finding
requests

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal