ClawHub

Env Config Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a plausible environment-file utility, but it handles secrets in ways users should review carefully before installing.

Install only if you are comfortable with the skill reading and modifying local .env files. Do not rely on the advertised encryption, key rotation, or team-safe sharing from these artifacts, and avoid running load, switch, get, or diff against real secret files unless output is redacted or you are in a private terminal/logging context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (11)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The CLI prints every environment variable name and value when running the load and switch commands. Since .env files commonly contain API keys, database passwords, and tokens, this creates a direct secret-disclosure risk via terminal output, shell history capture, logs, CI job output, or other monitoring systems.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The get and diff command paths echo individual variable values and before/after differences directly to stdout. This can leak secrets during local use, automation, or CI/CD execution, especially because diffs may expose rotated credentials and previous secret values that should no longer be visible.

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-dotenv>=1.0.0
PyYAML>=6.0
cryptography>=41.0.0
click>=8.0.0
Confidence
95% confidence
Finding
python-dotenv>=1.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-dotenv>=1.0.0
PyYAML>=6.0
cryptography>=41.0.0
click>=8.0.0
pytest>=7.0.0
Confidence
98% confidence
Finding
PyYAML>=6.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-dotenv>=1.0.0
PyYAML>=6.0
cryptography>=41.0.0
click>=8.0.0
pytest>=7.0.0
Confidence
97% confidence
Finding
cryptography>=41.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-dotenv>=1.0.0
PyYAML>=6.0
cryptography>=41.0.0
click>=8.0.0
pytest>=7.0.0
Confidence
90% confidence
Finding
click>=8.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
PyYAML>=6.0
cryptography>=41.0.0
click>=8.0.0
pytest>=7.0.0
Confidence
93% confidence
Finding
pytest>=7.0.0

Known Vulnerable Dependency: python-dotenv — 1 advisory(ies): CVE-2026-28684 (python-dotenv: Symlink following in set_key allows arbitrary file overwrite via )

Low
Category
Supply Chain
Confidence
78% confidence
Finding
python-dotenv

Known Vulnerable Dependency: PyYAML — 8 advisory(ies): CVE-2019-20477 (Deserialization of Untrusted Data in PyYAML); CVE-2020-1747 (Improper Input Validation in PyYAML); CVE-2020-14343 (Improper Input Validation in PyYAML) +5 more

Critical
Category
Supply Chain
Confidence
99% confidence
Finding
PyYAML

Known Vulnerable Dependency: cryptography — 10 advisory(ies): GHSA-39hc-v87j-747x (Vulnerable OpenSSL included in cryptography wheels); CVE-2023-50782 (Python Cryptography package vulnerable to Bleichenbacher timing oracle attack); GHSA-5cpq-8wj7-hf2v (Vulnerable OpenSSL included in cryptography wheels) +7 more

High
Category
Supply Chain
Confidence
96% confidence
Finding
cryptography

Known Vulnerable Dependency: pytest — 1 advisory(ies): CVE-2025-71176 (pytest has vulnerable tmpdir handling)

Low
Category
Supply Chain
Confidence
82% confidence
Finding
pytest

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal