Pinboard Manager

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Pinboard bookmark-management skill, but it needs a Pinboard API token and can read, update, and delete bookmarks when the user confirms actions.

Install only if you are comfortable giving the agent a Pinboard API token with read and modify access. Review every proposed update or deletion before confirming, consider exporting a Pinboard backup before bulk cleanup, avoid Jina-based timeliness checks for private/internal URLs, and delete /tmp/pinboard_all.json after use if your bookmarks are sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill documents a destructive delete operation without an adjacent explicit warning or confirmation requirement, which increases the risk of accidental or overly eager bookmark deletion. In a bookmark-management skill, destructive actions are expected, but lacking strong safeguards makes unintended data loss more likely.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill includes a concrete API call to permanently delete bookmarks but does not pair it with an explicit destructive-action warning or a strong confirmation requirement. In an agent setting, that omission increases the chance of accidental data loss because the workflow could normalize deletion as a routine cleanup step without ensuring the user understands the consequence.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs use of an authentication token directly in a curl command and stores the full bookmark export in /tmp without any warning about credential handling, local file exposure, or log/history leakage. Even though the destination is the legitimate Pinboard API, embedding secrets in command lines can expose the token via shell history, process listings, agent logs, or debugging output.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs use of network calls that include a sensitive Pinboard auth token and transmit the user's full bookmark dataset, but the skill metadata/flow does not provide an explicit privacy warning or informed-consent step before this collection and transmission. In addition, later steps send bookmark URLs and page content to a third-party service (Jina Reader), which increases the privacy risk because saved links can reveal sensitive interests, work projects, or internal resources.

External Transmission

Medium
Category
Data Exfiltration
Content
**CRITICAL**: Always pass ALL fields to avoid data loss. The `/posts/add` endpoint overwrites the entire bookmark.

```bash
curl -s "https://api.pinboard.in/v1/posts/add?auth_token=$PINBOARD_AUTH_TOKEN&format=json&url=ENCODED_URL&description=ENCODED_TITLE&extended=ENCODED_NOTES&tags=ENCODED_TAGS&shared=ORIGINAL_SHARED&toread=ORIGINAL_TOREAD&replace=yes"
```

Required fields to preserve:
Confidence
88% confidence
Finding
https://api.pinboard.in/

External Transmission

Medium
Category
Data Exfiltration
Content
### Delete a bookmark

```bash
curl -s "https://api.pinboard.in/v1/posts/delete?auth_token=$PINBOARD_AUTH_TOKEN&format=json&url=ENCODED_URL"
```

### Rate limiting
Confidence
90% confidence
Finding
https://api.pinboard.in/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Only fetch if cache doesn't exist or is stale
if [ ! -f /tmp/pinboard_all.json ]; then
  curl -s "https://api.pinboard.in/v1/posts/all?auth_token=$PINBOARD_AUTH_TOKEN&format=json" > /tmp/pinboard_all.json
fi
```
Confidence
88% confidence
Finding
https://api.pinboard.in/

VirusTotal

63/63 vendors flagged this skill as clean.
