ClawHub

HoneyDew

Security checks across malware telemetry and agentic risk

Overview

HoneyDew is a disclosed documentation-only skill for controlling a local Kanban app, with normal cautions around delete actions and unauthenticated local access.

Install this only if you want an agent to manage a HoneyDew board. Keep the HoneyDew API bound to localhost or a trusted network, review delete, bulk-change, and transfer requests before allowing them, and avoid storing secrets in cards or comments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README explicitly states that the agent can automatically create, update, move, delete, and transfer cards through the API, but it does not warn users that natural-language requests may trigger irreversible or data-modifying actions. In an agent skill context, this increases the risk of unintended destructive operations or social-engineered prompts causing board changes without clear user awareness or confirmation.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill exposes destructive DELETE operations for boards, columns, and cards without any guidance to confirm user intent or warn about irreversibility. In an agent context, this increases the chance of accidental data loss because the model may carry out deletion requests or inferred cleanup actions without an explicit confirmation step.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The manifest explicitly advertises create, update, move, and delete operations for boards and cards, but it does not warn users that the agent can perform irreversible data modifications. In an agent setting, this omission is risky because users may invoke the skill conversationally without realizing it can delete or alter task data, increasing the chance of accidental destructive actions or prompt-induced misuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal