ClawHub
Back to skill

Security audit

copy-paste.cloud

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward pastebin integration, with the main risk being that pasted content and an API key are sent to copy-paste.cloud as part of the advertised behavior.

Install only if you trust copy-paste.cloud with your API key and pasted content. Do not upload secrets, credentials, private logs, customer data, or proprietary code unless you intentionally want that data stored there; use --private for non-public pastes and do not treat expiration or burn-after-read as strong secrecy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill declares executable shell scripts and network access but does not declare corresponding permissions, creating a capability/permission mismatch. This can undermine user and platform trust because the skill can transmit data externally and invoke shell tooling without an explicit permission boundary in the manifest.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The script advertises a public paste reader/creator capability, but it will automatically use a COPYPASTE_API_KEY from the environment to access private or group-scoped pastes. That creates a scope mismatch: an agent or user invoking a seemingly public-read skill could unintentionally retrieve non-public data if the environment is privileged, increasing the risk of unauthorized disclosure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README promotes creating pastes on a public pastebin and includes examples for sharing arbitrary file contents, temporary pastes, and even 'secret snippet' content, but it does not clearly warn users that data may become publicly accessible or otherwise exposed. In a skill designed to move content to an external paste service, this omission increases the risk that users upload sensitive code, credentials, logs, or proprietary data under a mistaken assumption of safety.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script silently reads COPYPASTE_API_KEY from the environment and sends it as a Bearer token without any user-facing indication that authenticated access is being used. In an agent setting, this can cause unintended use of ambient credentials and retrieval of more sensitive data than the operator expects, especially when processing untrusted paste IDs or mixed-trust requests.

External Transmission

Medium
Category
Data Exfiltration
Content
| URL | Method | Data sent |
|-----|--------|-----------|
| `https://api.copy-paste.cloud/api/v1/pastes/recent` | GET | API key (header) |
| `https://api.copy-paste.cloud/api/v1/pastes/{id}` | GET | paste ID (path) |
| `https://api.copy-paste.cloud/api/v1/pastes` | POST | API key (header), paste content, metadata |
Confidence
91% confidence
Finding
https://api.copy-paste.cloud/

External Transmission

Medium
Category
Data Exfiltration
Content
|-----|--------|-----------|
| `https://api.copy-paste.cloud/api/v1/pastes/recent` | GET | API key (header) |
| `https://api.copy-paste.cloud/api/v1/pastes/{id}` | GET | paste ID (path) |
| `https://api.copy-paste.cloud/api/v1/pastes` | POST | API key (header), paste content, metadata |

---
Confidence
95% confidence
Finding
https://api.copy-paste.cloud/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal