Asana

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal Asana integration, but it stores Asana secrets locally and can change live workspace data without built-in confirmation safeguards.

Install only if you are comfortable giving the skill reusable access to your Asana account and allowing it to modify live Asana data. Prefer a least-privilege token or a narrowly scoped OAuth app, restrict the ~/.openclaw/asana directory to your own user (owner-only permissions), keep it out of file sync and version control, and review each agent request before allowing task updates, comments, or completions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings (Medium, 84% confidence)

The README explicitly documents on-disk storage locations for configuration, credentials, and tokens but provides no warning about treating these files as sensitive secrets or protecting their permissions. While documentation of storage paths is normal for a credentialed integration, omitting basic security guidance can lead users to leave long-lived Asana secrets exposed on shared systems, in backups, or in logs.

Missing User Warnings (Medium, 94% confidence)

The CLI exposes write-capable operations such as update-task, complete-task, comment, and create-task that immediately modify remote Asana state once invoked, with no confirmation prompt, dry-run mode, or explicit acknowledgement. In an agent skill context, this increases the risk that a misinterpreted instruction, prompt injection, or accidental argument selection causes unintended task creation or modification in a live workspace.
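One way to put the missing confirmation and dry-run step in front of the agent, as an added example that is not part of the skill or its CLI. The command name (ASANA_CLI, defaulting to asana-cli), the verb-first argument layout, and the ASANA_DRY_RUN and ASANA_CONFIRM switches are assumptions made for this example; only the four write verbs come from the finding above.

```shell
# Added example: a deny-by-default wrapper around the skill's write verbs.
# Not part of the skill; the CLI name (ASANA_CLI, default asana-cli), the
# verb-first argument layout and the ASANA_DRY_RUN / ASANA_CONFIRM switches
# are assumptions made for this example.

ASANA_CLI="${ASANA_CLI:-asana-cli}"
# Verbs the scan identifies as modifying remote Asana state.
ASANA_WRITE_VERBS="update-task complete-task comment create-task"

# is_write_verb VERB -> exit 0 if VERB changes remote state, 1 otherwise
is_write_verb() {
    for v in $ASANA_WRITE_VERBS; do
        if [ "$1" = "$v" ]; then
            return 0
        fi
    done
    return 1
}

# asana_guard VERB [ARGS...]
#   read verbs:  forwarded to the CLI unchanged
#   write verbs: ASANA_DRY_RUN=1   -> print the call, exit 0, change nothing
#                ASANA_CONFIRM=yes -> forward to the CLI
#                otherwise         -> refuse with exit 2
asana_guard() {
    verb="$1"
    if ! is_write_verb "$verb"; then
        "$ASANA_CLI" "$@"
        return $?
    fi
    if [ "${ASANA_DRY_RUN:-0}" = "1" ]; then
        printf 'dry-run: %s' "$ASANA_CLI"
        for a in "$@"; do printf ' %s' "$a"; done
        printf '\n'
        return 0
    fi
    if [ "${ASANA_CONFIRM:-}" != "yes" ]; then
        printf 'refused: %s modifies live Asana data; set ASANA_CONFIRM=yes to allow it\n' "$verb" >&2
        return 2
    fi
    "$ASANA_CLI" "$@"
}
```

Pointing ASANA_CLI at echo shows the behaviour offline: read verbs pass straight through, a write verb is refused with status 2 unless ASANA_CONFIRM=yes is set for that call, and ASANA_DRY_RUN=1 prints the call that would have been made. Having the agent invoke asana_guard instead of the CLI turns a mis-parsed or injected instruction into a refused command rather than a changed task.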

Missing User Warnings (Medium, 93% confidence)

The script stores an Asana PAT and OAuth client secret in JSON files under the user's home directory without any warning, encryption, or explicit file-permission hardening. These secrets can be exposed through local compromise, backups, misconfigured permissions, or accidental sharing of the config directory, enabling unauthorized access to the user's Asana data.
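An audit and hardening check for the on-disk secrets described in the first and third findings and in the Overview's advice to protect ~/.openclaw/asana, as an added example that is not part of the skill. Only the directory name comes from this page; the file name config.json, the JSON key names, and the credential-key heuristic are constructed for the example, and the skill's real file layout is not documented here.

```shell
# Added example: audit and tighten the on-disk secrets this scan describes.
# Not part of the skill. Only the directory name ~/.openclaw/asana comes from
# the page; the file name config.json, the key names and the credential-key
# heuristic below are constructed for the example.

ASANA_CONFIG_DIR="${ASANA_CONFIG_DIR:-$HOME/.openclaw/asana}"

# perm_of PATH -> permission bits in octal (GNU stat, with a BSD fallback)
perm_of() {
    if stat -c '%a' "$1" >/dev/null 2>&1; then
        stat -c '%a' "$1"
    else
        stat -f '%Lp' "$1"
    fi
}

# audit_secret_dir DIR -> 0 if DIR is 700 and every regular file in it is 600;
# otherwise prints each offender and returns 1
audit_secret_dir() {
    dir="$1"
    bad=0
    [ -d "$dir" ] || { echo "missing: $dir" >&2; return 1; }
    mode=$(perm_of "$dir")
    if [ "$mode" != 700 ]; then
        echo "dir  $dir is $mode, want 700 (other local users can list it)"
        bad=1
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        mode=$(perm_of "$f")
        if [ "$mode" != 600 ]; then
            echo "file $f is $mode, want 600"
            bad=1
        fi
    done
    return $bad
}

# harden_secret_dir DIR: make DIR owner-only and its files owner read/write,
# then return the audit result so callers can confirm the change took effect
harden_secret_dir() {
    chmod 700 "$1" || return 1
    for f in "$1"/*; do
        if [ -f "$f" ]; then
            chmod 600 "$f"
        fi
    done
    audit_secret_dir "$1"
}

# secret_keys_in FILE -> JSON key names that look like credentials, one per
# line (a grep heuristic on flat JSON, not a parser)
secret_keys_in() {
    grep -oiE '"[A-Za-z_]*(token|secret|pat)[A-Za-z_]*"[[:space:]]*:' "$1" \
        | sed 's/"\([^"]*\)".*/\1/'
}
```

Running audit_secret_dir "$ASANA_CONFIG_DIR" after installing the skill lists any file a second local account could read; harden_secret_dir applies owner-only modes and re-audits. secret_keys_in shows which keys a backup or a shared copy of the directory would leak, which is what the findings above are warning about. Keeping the directory out of version control is a separate check: from inside a repository that could pick the directory up, git check-ignore -q on its path succeeds only if a gitignore rule already excludes it.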

VirusTotal

66 of 66 vendors reported this skill as clean (0 detections).
