ClawHub

Zhihu Column Article List API

Security checks across malware telemetry and agentic risk

Overview

This focused JustOneAPI lookup skill does what it advertises, but it handles the API token in ways that can expose it in command history, process listings, and request URLs.

Review before installing. Use only a restricted, rotatable JustOneAPI token, avoid shared or heavily logged environments, and prefer a version that reads the token directly from the environment and authenticates outside the URL if the provider supports it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill requires the API token as a query parameter and injects it into the request URL, which exposes the secret in places where URLs are commonly logged or retained, such as proxy logs, browser/history equivalents, monitoring systems, and server access logs. Because this is a reusable API wrapper skill, the behavior systematically propagates insecure secret handling across every invocation rather than being an isolated edge case.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill requires a token to be sent as a query parameter, and the manifest provides no user-facing warning about transmitting credentials to a third-party API. Query parameters are more likely to be exposed via logs, telemetry, browser history, proxy records, and debugging tools, increasing the chance of credential leakage and unauthorized API use.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal