ClawHub

MH 1password

Security checks across malware telemetry and agentic risk

Overview

This 1Password skill is purpose-aligned overall, but its examples include unsafe ways to print or write secrets that could accidentally expose credentials.

Review the examples carefully before installing. Use this skill only if you are comfortable giving the agent access to your 1Password CLI, and avoid any example that prints secrets or writes them to ordinary project files unless you set restrictive permissions, keep them out of logs and git, and clean them up immediately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The examples show secrets being written or rendered to local outputs, such as saving secret material to ./key.pem and injecting secrets into files, without any warning about filesystem exposure, permissions, cleanup, or avoiding commits/logging. In a secrets-management skill, this is dangerous because users may copy these commands directly and persist sensitive values in insecure locations.

Env Variable Harvesting

High
Category
Data Exfiltration
Content
## Run

- `export DB_PASSWORD="op://app-prod/db/password"`
- `op run --no-masking -- printenv DB_PASSWORD`
- `op run --env-file="./.env" -- printenv DB_PASSWORD`

## Inject
Confidence
98% confidence
Finding
printenv DB_PASSWORD

Env Variable Harvesting

High
Category
Data Exfiltration
Content
- `export DB_PASSWORD="op://app-prod/db/password"`
- `op run --no-masking -- printenv DB_PASSWORD`
- `op run --env-file="./.env" -- printenv DB_PASSWORD`

## Inject
Confidence
92% confidence
Finding
printenv DB_PASSWORD

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal