ClawHub

signal-track

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate topic-tracking CLI, but it needs review because it stores and reuses API credentials in a weakly scoped local config file.

Install only if you are comfortable sending tracked topics, searches, feed requests, article IDs, and follow/unfollow actions to the YouNews/Sohu backend. Use a dedicated YouNews API key, avoid keeping unrelated credentials in a top-level OpenClaw `apiKey`, and protect or delete `~/.openclaw/openclaw.json` or `~/.signal-track/config.json` when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill explicitly documents network-backed behavior, including a remote API base URL and commands that validate credentials against a backend, but it does not declare corresponding permissions or clearly surface that network access is required. This can mislead users and policy systems about the skill's effective capabilities, reducing informed consent and weakening review controls around outbound data flow.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill states that `signal-track login --api-key <api_key>` stores login state and references specific config paths, but it does not clearly warn that sensitive authentication material or user context may persist on disk. Users may unknowingly leave reusable credentials in predictable locations, increasing the risk of credential theft from local compromise, backups, or accidental file exposure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The login flow stores the API key in a plaintext JSON config under the user's home directory, and the CLI gives no warning that long-lived credentials will be persisted locally. If the local machine, home directory backups, or other processes/users can read that file, the token can be stolen and reused to access the user's account or data.

Session Persistence

Medium
Category
Rogue Agent
Content
## Key capabilities

* Create and manage topics
* Subscribe/unsubscribe to topics
* Retrieve topic details by id
* Search within tracked signals
Confidence
78% confidence
Finding
Create and manage topics * Subscribe/unsubscribe to topics * Retrieve topic details by id * Search within tracked signals * Fetch full article content * Trigger deep analysis on selected items ## Exa

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal