ClawHub

Query Papers

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended to query a user's Gitea paper knowledge base, but it requires a plaintext site-admin Gitea token and persistently logs user queries, which warrants careful review before installation.

Install only if you control and trust the configured Gitea server and are comfortable giving this skill a site-admin token. Prefer a dedicated least-privilege token if possible, protect the .env file, exclude it from backups and version control, and make sure users know their search questions are written to log.md.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs persistent logging of the user's query text via `log_query.py` and does not require any user-facing notice, consent, retention limit, or opt-out. Query history can contain sensitive research interests, proprietary topics, or personal data, so silent collection increases privacy and compliance risk even if the feature is intended for analytics or product improvement.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script records user query content to a persistent log keyed to a specific user identifier without any notice, consent flow, or minimization beyond truncating length. Search queries can contain sensitive information, so silently storing them creates a privacy risk and can expose personal or confidential data if logs are later accessed, retained too long, or mishandled.

Credential Access

High
Category
Privilege Escalation
Content
echo "[2/3] 检查 .env 配置..."
if [ ! -f .env ]; then
  cp env-example.txt .env
  echo "  已生成 .env,请编辑填入真实的 GITEA_ADMIN_TOKEN!"
else
  echo "  .env 已存在,跳过。"
Confidence
79% confidence
Finding
.env

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal