ClawHub

Bitwarden CLI

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Bitwarden CLI guide, but it handles vault secrets and should be used with careful session and secret hygiene.

Install only the official Bitwarden CLI, unlock the vault only for the task at hand, request specific items rather than broad vault listings, keep BW_SESSION and exported secrets out of logs and shared shells, unset secret environment variables after use, and run bw lock or bw logout when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The examples encourage exporting secrets directly into environment variables and command lines without warning about exposure through shell history, child processes, debug logs, crash reports, or long-lived terminal sessions. In a secrets-management skill, this is more dangerous because users are likely to copy-paste these patterns into real environments handling production credentials.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The attachment example writes sensitive material such as certificates to disk without warning about filesystem exposure, backups, permissive default umasks, or leftover artifacts. Because this skill is specifically about retrieving secrets from a vault, examples that persist them locally can directly increase the chance of credential disclosure on shared or monitored systems.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guidance tells users to export Bitwarden API credentials and a raw session token into environment variables without warning about common leakage paths such as shell history, process inspection, inherited environments, CI logs, and persisted tmux or shell sessions. In a secrets-management skill, this is especially sensitive because the exposed values directly grant vault access or unlock capability, so omission of handling precautions creates a real security risk even if the commands are standard.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal