ClawHub

Supernote Cloud

Security checks across malware telemetry and agentic risk

Overview

This skill matches its Supernote cloud purpose, but it should be reviewed because it handles account credentials, caches a token in a shared temp path, and has unsafe command-script input handling.

Install only if you trust the Supernote server and need this account-level file access. Prefer HTTPS or a trusted local network, avoid using it with sensitive files unless you intend to upload them, remove /tmp/.supernote_token after use, and be careful with filenames, directory names, and passwords containing quotes or other special characters until the script is hardened.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill supports fetching arbitrary third-party article URLs and uploading local documents to a self-hosted Supernote server, but the description does not warn users that their URLs, fetched content, and files are transmitted over the network. In this context, that omission matters because the configured example uses plain HTTP to a local host and the feature set can expose sensitive documents, browsing targets, and credentials to the server or network path without clear user awareness.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script stores the authentication token in a fixed path under /tmp, which is a shared, attacker-accessible location on multi-user systems. Even with chmod 600, using a predictable temp filename creates avoidable exposure to token theft, symlink attacks, or cross-session leakage if the file persists longer than intended.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal