dmp-cli

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned, but it needs review because it handles sensitive DMP credentials and audience data while recommending unsafe secret handling and unverified system-wide CLI installation.

Install only if you trust the Mingdata DMP CLI source and can verify the release you are installing. Use a secret manager or CI secret store instead of pasting secrets into shell commands, avoid logging environment variables, and confirm you are authorized to upload or sync the audience data involved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly instructs users to place a plaintext secret key in the DMP_SECRET_KEY environment variable for non-interactive use, but provides no warning about secret handling, shell history, process exposure, CI log leakage, or least-privilege practices. In a skill intended for agent and CI workflows, this increases the chance that sensitive credentials will be exposed through environment dumps, debugging output, or inherited subprocess environments.

Missing User Warnings

Medium
Confidence: 89%
Finding
The examples show use of sensitive credentials and operations on audience data, including environment variables for secrets and identifiers/paths for uploaded datasets, but provide no warning about secret handling, shell history exposure, access control, or the sensitivity of the underlying user data. In a skill intended to help operators run real DMP workflows, this omission can normalize unsafe handling of credentials and regulated audience data, increasing the risk of leakage or misuse.

Missing User Warnings

Medium
Confidence: 93%
Finding
The installation snippet downloads a release identifier from the network, fetches a binary, marks it executable, and then performs a privileged move into /usr/local/bin using sudo, all without any authenticity verification or warning. This creates a supply-chain risk: if the release source, network path, or user environment is compromised, a malicious binary could be installed system-wide with elevated trust.

VirusTotal

VirusTotal findings are pending for this skill version.
