Eagle Skill

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to do what it says—control a local Eagle library—but it can make persistent library changes and has an undocumented API-server override that users should keep local and trusted.

Install only if you want an agent to control your Eagle library. Keep Eagle's API endpoint local and trusted, verify that EAGLE_SERVER_URL is not pointing somewhere unexpected, and require confirmation before bulk edits, trash moves, tag merges, or other irreversible changes.

Static analysis

Env credential access

Critical
Finding
Environment variable access combined with a network send.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can run the included Node CLI to perform Eagle library operations, including changes to items, tags, and folders.

Why it was flagged

The skill grants the agent permission to run Node commands, which is how the documented Eagle CLI is invoked. This is purpose-aligned, but it is still a real tool-execution capability.

Skill content
allowed-tools: Bash(node *)
Recommendation

Use the skill only when you want the agent to operate Eagle, and ask for confirmation before bulk, deletion, merge, or irreversible actions.

What this means

Incorrect or overly broad commands could permanently rename or merge tags, delete tag groups, move items, or reorganize library metadata.

Why it was flagged

The documented toolset includes persistent, irreversible library-management operations. That fits the stated purpose, but it can materially affect the user's asset library if used incorrectly.

Skill content
tag_merge ... This operation is irreversible.
Recommendation

Require explicit user approval for irreversible or bulk operations, and review item IDs, tag names, and folder IDs before execution.

What this means

If EAGLE_SERVER_URL is set to an unexpected or remote host, Eagle queries or library-management commands could be sent somewhere other than the intended local Eagle plugin.

Why it was flagged

The CLI can take its API server URL from an environment variable, while SKILL.md describes a local Eagle API server on port 41596 and does not document this override.

Skill content
let serverUrl = process.env.EAGLE_SERVER_URL || DEFAULT_SERVER;
Recommendation

Before use, confirm EAGLE_SERVER_URL is unset or points to the trusted local Eagle API server; the skill author should document this option and restrict or validate the endpoint if possible.