ClawHub

Zernio CLI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Zernio social-media CLI skill, with expected API-key and network use for managing posts and accounts.

Install only if you are comfortable giving this CLI authority over the connected Zernio social accounts. Prefer browser login or a protected environment secret, avoid pasting real API keys into shared terminals or transcripts, protect ~/.zernio/config.json, and have agents ask before publishing, retrying, uploading media, or deleting posts/profiles.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
79% confidence
Finding
The skill clearly requires access to an API key via environment variables and performs network operations against a remote service, yet it does not declare explicit permissions for those capabilities. This weakens transparency and policy enforcement for agents or runners that rely on declared permissions to constrain sensitive behaviors, increasing the chance of unintended secret exposure or outbound actions.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README states that an API key is saved to ~/.zernio/config.json but provides no warning about local secret exposure, file permissions, shared accounts, backups, or shell history risks when using manual key entry. In an AI-agent/CLI context, long-lived tokens stored on disk can be harvested by other local processes, leaked through misconfigured permissions, or accidentally committed/exfiltrated.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation instructs users to paste API keys directly into shell commands and environment variables without any warning about secret handling, shell history, logging, or least-privilege practices. In agent and CLI contexts, this can lead to credentials being stored in command history, transcripts, process lists, or shared logs, resulting in account compromise.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal