ClawHub

ZEDEDA

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real ZEDEDA admin API client, but it lets an agent perform disruptive infrastructure and IAM actions without built-in confirmations.

Install only if you intend to let OpenClaw administer ZEDEDA resources. Use a least-privilege ZEDEDA API token, avoid production-wide permissions where possible, and review agent plans carefully before allowing delete, reboot, offboard, deactivate, bulk job, secret-listing, or user-management commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill declares required and optional environment variables and explicitly documents network access to the ZEDEDA API, plus file input via --body-file, yet no explicit permissions are declared. This creates a transparency and policy-enforcement gap: an agent or user may invoke a skill with broader capabilities than expected, including sending sensitive data from environment variables to an external service.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The CLI exposes destructive node-management operations such as delete, reboot, deactivate, and offboard directly with no confirmation prompt, dry-run mode, or safety interlock. In an infrastructure-management skill, this increases the chance of accidental or scripted misuse leading to service disruption or loss of managed edge devices, even if the underlying API still enforces authentication.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
Application-instance deletion and user deletion are exposed as one-step commands without visible warning or confirmation in the CLI flow. In this ZEDEDA admin context, accidental invocation could remove deployed workloads or IAM users and cause outages, lockouts, or administrative disruption, making the lack of guardrails materially risky.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal