Gitea

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Gitea CLI helper, but it includes sensitive secret-listing and token-login examples that require caution.

Install this only if you want an agent to help operate Gitea repositories. Use a token limited to the needed repositories and scopes, avoid pasting real tokens into shared logs or transcripts, confirm the target Gitea instance before running commands, and treat repository secret names and login configuration as sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly documents a command to list repository secrets, which exposes the existence and potentially sensitive metadata of CI/CD secrets and normalizes access to highly sensitive configuration without any warning or access-control guidance. In an agent context, this is dangerous because it can prompt an automated system to retrieve or surface secret-related data during routine repository interaction, increasing the risk of credential disclosure or misuse.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation instructs users to pass an access token directly on the command line without warning that command-line arguments can be exposed via shell history, process listings, logs, or transcripts. In an agent-driven environment, this is especially risky because the token may be embedded in prompts, execution traces, or telemetry, leading to credential compromise for the Gitea instance.

VirusTotal

64/64 vendors flagged this skill as clean.