youmind-devto-article

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Dev.to writing and publishing workflow that uses a YouMind API key and external services, with no artifact evidence of malware or hidden destructive behavior.

Install only if you are comfortable giving the skill a YouMind API key and letting it send topics, draft content, and publishing actions to YouMind/Dev.to. Use a scoped/revocable API key, review drafts before publishing, and explicitly specify the desired output language for non-English source material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Context-Inappropriate Capability

Severity: Low
Confidence: 87%
Finding
The pipeline explicitly instructs the agent to read a local configuration file from the user's home directory and validate stored API credentials, even though the skill is presented as a writing/publishing workflow. Accessing local secrets is security-sensitive because it expands the skill's privileges beyond article drafting and can expose or misuse credentials if the agent logs, echoes, or transmits them during validation.

Natural-Language Policy Violations

Severity: Medium
Confidence: 90%
Finding
The playbook includes a translation/localization path that defaults non-English source material into an English Dev.to post without first checking the user's preferred output language. This can override user intent, cause unauthorized language transformation, and lead the agent to produce content in a language the user did not request.

Natural-Language Policy Violations

Severity: Medium
Confidence: 88%
Finding
Requiring English tags and implying English-oriented adaptation for non-English sources bakes in a silent language-policy decision that may not match the user's goals. In an automated publishing skill, this can mispublish content, reduce accessibility for the intended audience, and transform meaning without consent.

Natural-Language Policy Violations

Severity: Medium
Confidence: 91%
Finding
Directing non-English content to be translated and adapted into English without an explicit preference check creates a workflow-level consent and fidelity issue. In this skill's context, the risk is elevated because the output is intended for publication, so an unintended translation can immediately affect public-facing content and audience targeting.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
Reading a local config file that contains an API key without an explicit warning or consent step creates a secret-handling vulnerability. Users invoking a content-writing skill would not reasonably expect home-directory credential access, and any downstream use of the key for validation or debugging increases the chance of accidental disclosure or unauthorized API activity.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The pipeline sends user-provided topics to the YouMind knowledge base and web search services without a clear privacy disclosure. Topic text may contain sensitive project names, unpublished ideas, or proprietary context, so silent transmission to external services can leak confidential information beyond the local writing session.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding
The fallback behavior writes adapted markdown to local disk without notifying the user, which is an undeclared side effect. Silent file creation can leave sensitive draft content, internal URLs, or unpublished material on the filesystem in locations the user did not approve or expect.

VirusTotal

65/65 vendors flagged this skill as clean.