Run402 Test
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's stated purpose, working with Run402 databases, is coherent, but its bundled helper can use an undeclared local service key to run arbitrary admin SQL, so it needs review before use.
Use this skill only if you are comfortable letting an agent perform paid Run402 provisioning and privileged database administration. Before running any helper or command, confirm the project ID, the exact SQL, and which service key will be used.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent or user runs this helper with destructive SQL, it could modify or delete database objects or data in the selected Run402 project.
The helper sends whatever follows the project ID on the command line to the admin endpoint as SQL, using privileged headers. The artifacts show no confirmation prompt, validation, dry-run mode, or restriction to safe operations.

  // excerpt from sql2.mjs; API and headers are defined earlier in the file
  await fetch(`${API}/admin/v1/projects/${process.argv[2]}/sql`, {
    method: "POST", headers,
    body: process.argv.slice(3).join(" ") // every remaining argument is sent verbatim as SQL
  });

Require explicit user approval before any admin SQL is sent, show the exact project ID and SQL that will run, and prefer constrained workflows for common tasks.
The skill may operate with administrator-level database credentials from the user’s local environment, increasing the impact of mistakes or unintended agent actions.
The code reads a persistent local Run402 project config and uses a stored service_key as a bearer credential, even though the registry declares no required config paths and no primary credential.

  // excerpt from sql2.mjs; the three imports it relies on are added here for readability
  import { readFileSync } from "node:fs";
  import { join } from "node:path";
  import { homedir } from "node:os";
  const CONFIG_DIR = join(homedir(), ".config", "run402");
  const projects = JSON.parse(readFileSync(join(CONFIG_DIR, "projects.json"), "utf-8")); // undeclared local config file
  const p = projects.find(x => x.project_id === process.argv[2]); // no check that a project was found
  const headers = Object.fromEntries([["Content-Type","text/plain"],["Authorization",["Bearer", p.service_key].join(" ")]]); // stored key becomes the bearer token

Declare the required config path and the credential use, limit the service key's scope where possible, and require clear user consent before stored admin credentials are used.
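As an added example, not code from the skill or its sql2.mjs helper, the following reworks the two fragments above (the unchecked admin SQL call and the stored-key lookup) into a gated form: the project, a redacted key and every statement are summarised before anything is sent, statements that change schema or data require an explicit --yes, and --dry-run returns the request without sending it. Assumptions not taken from the page: the RUN402_API environment variable and its placeholder default, the --yes and --dry-run flag names, the destructive-keyword list, and that the parsed projects.json array (same { project_id, service_key } shape the helper uses) is passed in rather than read from disk here.

```javascript
// Added example, not the skill's own helper. A gated replacement for the direct
// fetch in sql2.mjs. Assumed: RUN402_API base URL, the projects.json shape
// ({ project_id, service_key }), and the --yes / --dry-run flag names.

const API = process.env.RUN402_API ?? "https://run402.example.invalid"; // assumed base URL

// Statement types that change schema or data. Anything not matched is treated
// as read-only; keep the list conservative and extend it for your SQL dialect.
const DESTRUCTIVE = /^\s*(drop|delete|truncate|alter|update|insert|create|grant|revoke|merge)\b/i;

// Split the command-line text into statements and flag the destructive ones.
function classifySql(sql) {
  const statements = sql.split(";").map(s => s.trim()).filter(Boolean);
  return { statements, destructive: statements.filter(s => DESTRUCTIVE.test(s)) };
}

// Parse "<project_id> [--yes] [--dry-run] <sql ...>" so flags never end up in the SQL body.
function parseArgs(argv) {
  const [projectId, ...rest] = argv;
  const flags = new Set(rest.filter(a => a === "--yes" || a === "--dry-run"));
  const sql = rest.filter(a => !flags.has(a)).join(" ");
  return { projectId, approved: flags.has("--yes"), dryRun: flags.has("--dry-run"), sql };
}

// Look up the project and refuse to continue on a missing project or empty key,
// instead of dereferencing an undefined entry as the helper does.
function loadProject(projects, projectId) {
  const p = projects.find(x => x.project_id === projectId);
  if (!p) throw new Error(`unknown project: ${projectId}`);
  if (typeof p.service_key !== "string" || p.service_key.length === 0) {
    throw new Error(`no service_key stored for ${projectId}`);
  }
  return p;
}

// Build, but do not send, the same request the helper issues.
function buildAdminRequest(project, sql) {
  return {
    url: `${API}/admin/v1/projects/${encodeURIComponent(project.project_id)}/sql`,
    method: "POST",
    headers: { "Content-Type": "text/plain", Authorization: `Bearer ${project.service_key}` },
    body: sql,
  };
}

// Decide whether the call may go ahead and produce the lines to show the user first.
function plan(projects, argv) {
  const { projectId, approved, dryRun, sql } = parseArgs(argv);
  if (!projectId || !sql) throw new Error("usage: <project_id> [--yes] [--dry-run] <sql ...>");
  const project = loadProject(projects, projectId);
  const { statements, destructive } = classifySql(sql);
  const summary = [
    `project: ${project.project_id}`,
    `key: ${project.service_key.slice(0, 4)}...(redacted)`,
    ...statements.map(s => `sql: ${s}`),
  ];
  if (destructive.length > 0 && !approved) {
    return { ok: false, dryRun, summary, reason: `destructive statement(s) need --yes: ${destructive.join("; ")}` };
  }
  return { ok: true, dryRun, summary, request: buildAdminRequest(project, sql) };
}

// Send only an approved, non-dry-run plan; returns the HTTP status, or null for a dry run.
async function execute(p) {
  if (!p.ok) throw new Error(p.reason);
  if (p.dryRun) return null;
  const r = p.request;
  const res = await fetch(r.url, { method: r.method, headers: r.headers, body: r.body });
  return res.status;
}

// Constructed sample config standing in for the parsed ~/.config/run402/projects.json.
const SAMPLE_PROJECTS = [{ project_id: "proj_demo", service_key: "sk_demo_0123456789" }];
```

In the helper, the direct fetch would become: build the plan from `process.argv.slice(2)`, print `summary` so the user sees the project, redacted key and each statement, then call `execute` only once the plan is ok. With --dry-run the full request object (including the Authorization header, so treat it as sensitive) can be inspected without touching the database.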
Users may not realize that the skill includes code capable of performing credentialed admin database actions.
The package is presented as instruction-only but includes a runnable helper file; the helper is small and visible, but its presence and intended invocation are not documented in SKILL.md.
No install spec: this is an instruction-only skill.
Code file presence: 1 code file, sql2.mjs.
Document the helper’s purpose, invocation, credential requirements, and safety expectations, or remove it if the skill is intended to be instruction-only.
