ClawHub

Heroku

Security checks across malware telemetry and agentic risk

Overview

This Heroku skill is legitimate in purpose, but it gives an agent broad authenticated power over Heroku resources without enough built-in safeguards.

Install only if you want an agent to administer Heroku through Membrane. Use a least-privileged Heroku account where possible, confirm the exact app and action before create, update, delete, collaborator, domain, add-on, config-var, or proxy requests, avoid displaying full config-var values unless necessary, and revoke the Membrane/Heroku connection when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
Referencing config vars without warning that they commonly contain secrets can lead an agent to retrieve and expose credentials, API tokens, database URLs, or other sensitive material in normal task flow. In a Heroku management skill, this is especially risky because config vars are a standard secret storage mechanism and users may not realize a simple 'get config vars' action can disclose production secrets.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The proxy request section enables arbitrary requests, including POST, PATCH, PUT, and DELETE, without requiring explicit confirmation or warning about destructive effects. In the context of a Heroku administration skill, this can allow unintended modification or deletion of apps, domains, collaborators, or other production resources if the agent acts on ambiguous prompts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal