Task Sync

Security checks across malware telemetry and agentic risk

Overview

This task-sync skill matches its stated purpose, but it can automatically delete or change live Google Tasks and TickTick data on a schedule without a dry-run or confirmation step.

Install only if you are comfortable granting write access to both Google Tasks and TickTick. Test first with non-critical lists or accounts, back up important tasks, protect the OAuth token files, and avoid enabling cron until you have reviewed sync_db.json/sync_log.json and confirmed the mapping and deletion behavior are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tainted flow: 'PYTHON_BIN' from os.environ.get (line 17, credential/environment) → subprocess.run (code execution)

Medium
Category
Data Flow
Content
import subprocess

# PYTHON_BIN, SYNC_SCRIPT and BASE_DIR are module-level constants defined
# elsewhere in the skill; PYTHON_BIN is read from the environment with
# os.environ.get, which is the taint source the scanner flagged.
def run_sync():
    """Run sync.py and return output."""
    # Taint sink: the environment-supplied interpreter path is executed as-is.
    # The argument-list form avoids shell injection, but nothing stops an
    # attacker who controls the environment from substituting the interpreter.
    result = subprocess.run(
        [PYTHON_BIN, SYNC_SCRIPT],
        capture_output=True, text=True, cwd=BASE_DIR, timeout=120,
    )
    return result
Confidence
88% confidence
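One way to close this finding, added here as an illustration and not taken from the skill or from the scan output: treat PYTHON_BIN as untrusted input, resolve it to an absolute path inside an allowlist of interpreter directories (falling back to the current interpreter when it is unset), and start the child with a minimal environment so that other interpreter-affecting variables cannot reach it either. The allowlist, the fallback to sys.executable and the function names are assumptions.

```python
import os
import subprocess
import sys
from pathlib import Path

# Added example (not the skill's code). Names, the allowlist and the fallback to
# sys.executable are assumptions about how this finding could be addressed.

# Directories from which an interpreter may be taken. The resolved location of
# the interpreter running this code is always acceptable.
ALLOWED_INTERPRETER_DIRS = {
    Path(sys.executable).resolve().parent,
    Path("/usr/bin"),
    Path("/usr/local/bin"),
}


def current_interpreter():
    """The interpreter this process runs under (used as the safe default)."""
    return sys.executable


def resolve_python_bin(env=None):
    """Return an absolute, trusted interpreter path, or raise ValueError.

    With PYTHON_BIN unset, fall back to the current interpreter. Otherwise
    reject relative names (those would be looked up through PATH, another
    attacker-influenced variable), non-files, non-executables and anything
    outside ALLOWED_INTERPRETER_DIRS after symlinks are resolved.
    """
    env = os.environ if env is None else env
    raw = env.get("PYTHON_BIN")
    if not raw:
        return current_interpreter()
    p = Path(raw)
    if not p.is_absolute():
        raise ValueError(f"PYTHON_BIN must be an absolute path, got {raw!r}")
    p = p.resolve()
    if not p.is_file() or not os.access(p, os.X_OK):
        raise ValueError(f"PYTHON_BIN is not an executable file: {p}")
    if p.parent not in ALLOWED_INTERPRETER_DIRS:
        raise ValueError(f"PYTHON_BIN is outside the allowed directories: {p}")
    return str(p)


def is_trusted_python_bin(env):
    """Boolean form of resolve_python_bin for callers that only need a verdict."""
    try:
        resolve_python_bin(env)
    except ValueError:
        return False
    return True


def run_sync(sync_script, base_dir, env=None):
    """Hardened counterpart of the flagged run_sync: validated interpreter,
    argument-list form (no shell) and a minimal child environment, so other
    interpreter-affecting variables (PYTHONPATH, PYTHONSTARTUP, LD_PRELOAD)
    cannot reach the child either."""
    python_bin = resolve_python_bin(env)
    child_env = {"PATH": "/usr/bin:/bin", "HOME": os.environ.get("HOME", "/")}
    return subprocess.run(
        [python_bin, str(sync_script)],
        capture_output=True, text=True, cwd=str(base_dir), timeout=120,
        env=child_env,
    )
```

The resolve step matters as much as the allowlist: a symlink under /usr/local/bin pointing into a user-writable directory is rejected because the check runs on the resolved path.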

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The script writes a long-lived OAuth access/refresh token bundle, including client secret, to disk in plaintext without warning the operator about its sensitivity or enforcing restrictive permissions. In the context of a task-sync skill that is likely to run repeatedly or be scheduled, compromise of this file could let another local user, process, backup system, or accidental commit gain ongoing access to the user's Google Tasks data.
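What a safe version of that write looks like, added here as an illustration rather than taken from the skill: create the file owner-only from the first instant (no window in which a default umask leaves it world-readable), replace it atomically, and give the operator an audit check that catches the usual failure modes (permissive mode, foreign ownership, a symlinked path, a writable parent directory). The JSON layout of the bundle, the file names and the sample token values are constructed for the example.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

# Added example (not the skill's code). The JSON layout of the token bundle
# and the file names are assumptions; only the handling pattern matters.

TOKEN_MODE = 0o600  # owner read/write only


def write_token_file(path, token):
    """Persist a token bundle so it is never observable with a permissive mode.

    mkstemp creates the temporary file 0600 regardless of umask; the rename is
    atomic, so a concurrent reader sees either the old bundle or the new one,
    never a truncated file, and no world-readable window ever exists.
    """
    path = Path(path)
    path.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=path.parent, prefix=".token-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w") as f:
            os.fchmod(fd, TOKEN_MODE)  # explicit, independent of mkstemp defaults
            json.dump(token, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    return path


def audit_token_file(path):
    """Return a list of problems with an existing token file; empty means OK.

    This is the check an operator (or the skill at start-up) should run before
    trusting a token file that something else may have written.
    """
    path = Path(path)
    problems = []
    if not path.exists():
        return ["token file missing"]
    if path.is_symlink():
        problems.append("token path is a symlink")
    st = path.stat()
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:
        problems.append(f"mode {mode:04o} grants group/other access")
    if st.st_uid != os.getuid():
        problems.append("token file owned by another user")
    parent_mode = stat.S_IMODE(path.parent.stat().st_mode)
    if parent_mode & 0o022:
        problems.append(f"parent directory mode {parent_mode:04o} is group/world writable")
    return problems


def demo():
    """Write a constructed token bundle, audit it, then loosen the mode and
    audit again. Returns (problems_when_written_correctly, problems_after)."""
    sample = {"access_token": "ya29.example", "refresh_token": "1//example",
              "client_secret": "GOCSPX-example"}  # constructed values
    workdir = Path(tempfile.mkdtemp())  # created 0700, so the parent check passes
    token_path = write_token_file(workdir / "token.json", sample)
    before = audit_token_file(token_path)
    os.chmod(token_path, 0o644)  # what a plain open(..., "w") under umask 022 yields
    after = audit_token_file(token_path)
    return before, after
```

The parent-directory check is there because a writable parent lets another local user swap the file for a symlink; fixing the file mode alone does not cover that case. The "accidental commit" risk in the finding is outside what file modes can prevent and is best handled by keeping the token outside the skill's working tree.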

Missing User Warnings

High
Confidence
92% confidence
Finding
The sync logic can delete remote Google lists and tasks automatically when corresponding TickTick entities are missing, with no confirmation, quarantine, or soft-delete step. In a bidirectional sync tool, mapping drift, transient API errors, stale state, or accidental upstream deletion can cascade into irreversible data loss across accounts.
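A reconciliation pass that does not turn the failure modes listed above into remote deletions, added here as an illustration and not taken from the skill. It also serves the overview's advice to review sync_db.json and to hold off on cron: the pass refuses to delete when the TickTick listing failed or came back empty (because "missing" is then indistinguishable from "not fetched"), refuses when the number of orphaned items looks like mapping drift rather than user intent, and otherwise quarantines instead of deleting, with a dry-run mode that reports the planned actions without writing anything. The mapping shape (TickTick id to Google id), the 20% threshold, the seven-day grace period and the quarantine store layout are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import List, Optional

# Added example (not the skill's code). Models one pass of the Google-side
# reconciliation described in the finding: sync_db.json is assumed to be a
# TickTick-id -> Google-id mapping, and listings of both sides are given as id
# sets. The thresholds and the quarantine store layout are assumptions.


@dataclass
class Plan:
    quarantine: List[str] = field(default_factory=list)  # Google ids to soft-delete
    blocked: Optional[str] = None  # reason the pass refused to delete anything


def plan_remote_deletions(mapping, ticktick_ids, google_ids, *,
                          ticktick_fetch_ok, max_delete_fraction=0.2):
    """Decide what to do with Google entries whose TickTick counterpart is gone."""
    plan = Plan()
    if not ticktick_fetch_ok or not ticktick_ids:
        plan.blocked = ("TickTick listing failed or empty: 'missing' is "
                        "indistinguishable from 'not fetched'")
        return plan
    orphaned = [g for t, g in mapping.items()
                if t not in ticktick_ids and g in google_ids]
    if orphaned and len(orphaned) / len(mapping) > max_delete_fraction:
        plan.blocked = (f"{len(orphaned)} of {len(mapping)} mapped items would be "
                        f"removed in one pass; refusing (mapping drift?)")
        return plan
    plan.quarantine = orphaned
    return plan


def apply_plan(plan, quarantine_store, *, dry_run=True, now=None):
    """Record quarantined ids with a timestamp. With dry_run (the default, and
    what a first scheduled run should use) nothing is written; the returned
    action list is what the operator reviews."""
    now = now or datetime.now(timezone.utc)
    if plan.blocked:
        return [("blocked", plan.blocked)]
    actions = [("quarantine", gid) for gid in plan.quarantine]
    if not dry_run:
        for gid in plan.quarantine:
            quarantine_store.setdefault(gid, now.isoformat())
    return actions


def due_for_purge(quarantine_store, now, grace_days=7):
    """Ids that have stayed orphaned for the whole grace period. Only these are
    ever passed to the real delete call; a counterpart that reappears in the
    meantime should remove its id from the store instead."""
    cutoff = now - timedelta(days=grace_days)
    return [gid for gid, ts in quarantine_store.items()
            if datetime.fromisoformat(ts) <= cutoff]


def demo():
    """Run the pass over constructed data and return the observable outcomes."""
    mapping = {f"t{i}": f"g{i}" for i in range(10)}  # constructed sync_db contents
    google_ids = set(mapping.values())
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    store = {}
    one_missing = plan_remote_deletions(mapping, set(mapping) - {"t3"}, google_ids,
                                        ticktick_fetch_ok=True)
    many_missing = plan_remote_deletions(mapping, {"t0", "t1", "t2"}, google_ids,
                                         ticktick_fetch_ok=True)
    fetch_failed = plan_remote_deletions(mapping, set(), google_ids,
                                         ticktick_fetch_ok=False)
    dry = apply_plan(one_missing, store, dry_run=True, now=t0)
    store_after_dry = dict(store)
    apply_plan(one_missing, store, dry_run=False, now=t0)
    return {
        "one_missing": one_missing.quarantine,
        "many_blocked": many_missing.blocked is not None,
        "fetch_blocked": fetch_failed.blocked is not None,
        "dry_actions": dry,
        "store_after_dry": store_after_dry,
        "store_after_live": dict(store),
        "purge_day_1": due_for_purge(store, t0 + timedelta(days=1)),
        "purge_day_8": due_for_purge(store, t0 + timedelta(days=8)),
    }
```

The point of the grace period is that every cause in the finding (transient API error, stale state, mapping drift, an upstream deletion the user did not intend) is recoverable for as long as the remote item still exists; the pass only spends that recoverability after the orphan has persisted across several runs.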

VirusTotal

66/66 vendors flagged this skill as clean.
