Appian Discovertechdebt

Security checks across malware telemetry and agentic risk

Overview

The skill’s Appian scanning behavior is mostly coherent, but it can silently load Appian credentials from local parent directories before making authenticated Appian API calls.

Install only if you trust this skill with your Appian environment. Prefer injected APPIAN_BASE_URL and APPIAN_API_KEY, remove or tightly control any appian.json files in the working tree or parent directories before running it, and be aware it stores exported Appian ZIPs locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium (88% confidence)

Finding
The documented fallback to loading credentials from a local appian.json expands the credential sources beyond the stated runtime-injected secrets model. This can cause unintended secret consumption from the working directory, increase the chance of using stale or attacker-planted credentials, and weaken the boundary between authorized secret injection and arbitrary local files.

Context-Inappropriate Capability

Medium (86% confidence)

Finding
The skill does more than consume the declared environment credentials: it walks up the filesystem and loads secrets from a local appian.json file if present. That expands its trust boundary to arbitrary repository or parent-directory files, which can cause it to use unintended credentials or secrets placed on disk without explicit user consent. In this context the risk is somewhat elevated because the skill already performs authenticated network actions against Appian, so silently switching credential sources can redirect or broaden access.

VirusTotal

67/67 vendors flagged this skill as clean.