ClawHub

Observability Lgtm

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local observability skill, but it grants unauthenticated admin access to Grafana and can export trace data beyond the machine if configured.

Install only on a trusted local development machine. Before running it on a remote dev box, shared network, or production-like environment, bind ports to localhost, enable Grafana authentication or reduce anonymous access to Viewer, review whether logs and traces may contain secrets or personal data, and confirm OTLP_ENDPOINT is unset or points only to your intended local collector.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

Medium
Confidence
98% confidence
Finding
Grafana is explicitly configured for anonymous access with the organization role set to Admin and the login form disabled, which means anyone who can reach port 3000 gets full administrative control of the Grafana instance. Even in a local-dev observability stack, this is risky because dashboards, data sources, alerting configuration, and any secrets stored in Grafana can be viewed or modified if the service is exposed beyond the intended localhost-only context.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The code enables outbound telemetry export by default to an OTLP endpoint derived from configuration, with a fallback of localhost:4317, but it does not provide any explicit user-facing notice, consent mechanism, or clear warning that application traces may be transmitted off-process or off-host if the endpoint is changed. In an agent skill intended as a drop-in observability helper, this increases the risk of unintentionally sending potentially sensitive request metadata, span attributes, or exception details to an external collector, especially in environments where OTLP_ENDPOINT is centrally set.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal