ClawHub

cli output compression for token savings with rtk

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed guide for using a CLI output-compression wrapper, with manageable cautions around secrets, retained logs, and verifying the external rtk binary.

Install this only if you trust the rtk binary available in your environment. Treat rtk as an output display layer, not permission to run mutating commands such as commits, pushes, deployments, docker, or kubectl actions. Avoid using environment-variable or log commands around secrets unless you are comfortable with values entering terminal output, model context, local tee logs, or command history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly advertises `rtk env -f AWS` to display filtered environment variables, which can expose secrets such as access keys, session tokens, or internal endpoints into the model context or terminal logs. In this skill's context, the token-optimization wrapper encourages routine use on verbose commands, making accidental disclosure more likely because users may treat the wrapper as safe-by-default and overlook that environment variables often contain sensitive credentials.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation explicitly introduces `rtk env -f AWS` to surface environment variables but provides no warning that environment variables frequently contain credentials, tokens, and other secrets. In an LLM-agent setting, encouraging environment inspection without strong cautions can cause inadvertent secret disclosure into model context, logs, or chat transcripts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal