Freesound API

Security checks across malware telemetry and agentic risk

Overview

This Freesound helper is coherent and disclosed, but it stores API and OAuth secrets locally, so users should treat its credentials file as sensitive.

Install only if you are comfortable saving Freesound client credentials and OAuth token data in a local JSON file. Do not commit, sync, or share %APPDATA%\OpenClaw\freesound-api\credentials.json, prefer OAuth login over query-token fallback, and rotate the Freesound secret if it is pasted into chat or otherwise exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill clearly instructs the user to perform file reads/writes, use local environment paths, and make networked OAuth/API requests, yet no permissions are declared. This creates a transparency and policy-enforcement gap: users and any hosting framework cannot accurately assess or constrain the skill's capabilities before use.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The code falls back to using the stored client secret as an API request token by placing it into request parameters when no OAuth access token is present. A client secret is not intended to be used as a bearer credential for API calls, and repurposing it this way risks accidental disclosure, misuse, and confusion between app authentication material and user access tokens.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code sends a sensitive credential in the URL query string via the 'token' parameter. Query parameters are commonly logged by proxies, servers, browser history, diagnostics, and other tooling, so placing a secret there increases the chance of credential leakage even when HTTPS is used.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The code writes credential configuration to a predictable local JSON file without any visible protection, warning, or access control hardening. In this skill's context, storing OAuth client credentials locally is expected functionality, but saving them in plaintext under a user-accessible config directory increases the risk of accidental disclosure through local compromise, backups, or other software reading the file.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
This script accepts a Freesound client secret on the command line and persists it to a local config file without any user warning or visible safeguards around secret handling. In this skill's context, local credential storage is expected functionality, but storing OAuth client secrets locally can expose them to other local users, backups, logs, or process inspection if file permissions and handling are weak.

Credential Access

High
Category
Privilege Escalation
Content
2. Opens the Freesound authorization page in the browser
3. Receives the authorization code at `http://localhost:8787/callback`
4. Exchanges it for an access token
5. Saves the token back into `%APPDATA%\OpenClaw\freesound-api\credentials.json`

If the browser does not open, copy the printed URL manually.
Confidence
87% confidence
Finding
credentials.json

Credential Access

High
Category
Privilege Escalation
Content
1. Starts a temporary localhost callback server on port `8787`
2. Opens the Freesound authorization page in the browser
3. Receives the authorization code at `http://localhost:8787/callback`
4. Exchanges it for an access token
5. Saves the token back into `%APPDATA%\OpenClaw\freesound-api\credentials.json`

If the browser does not open, copy the printed URL manually.
Confidence
85% confidence
Finding
access token

VirusTotal

67/67 vendors flagged this skill as clean.