Next-Supabase-Vercel Bundle

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Next.js/Supabase/Vercel scaffolding tool, but it needs review because it runs powerful local and deployment commands with weak input validation and under-warns about high-privilege Supabase keys.

Install or run only in a trusted project directory. Use simple project names and numeric ports, review generated files before committing, verify the active Vercel account and project before deploying, and keep SUPABASE_SERVICE_KEY server-only; rotate it if it is ever exposed in logs, screenshots, client code, or a repository.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares no permissions while its documented behavior requires reading `.env.local`, handling secrets, invoking CLIs, and performing deployments. This mismatch reduces transparency and weakens trust boundaries, making it easier for a user or host system to authorize sensitive behavior without explicit review.

Missing User Warnings

High
Confidence
98% confidence
Finding
The documented output shows the Supabase service key being partially displayed to the terminal, which can leak sensitive credentials into shell history, logs, screenshots, CI output, or shared terminals. Service-role keys are highly privileged and should never be echoed back except in tightly controlled redacted form.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill instructs users to configure `SUPABASE_SERVICE_KEY` in Vercel for production without warning that this is an admin-level secret. Placing a service-role key into a deployed web app environment can enable full database bypass of RLS if exposed through server routes, logs, build steps, or misconfiguration.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill builds shell command strings from user-controlled `projectPath`/`projectName` and passes them to `execSync`. Although this is intended for local scaffolding, it can cause unintended command execution or dangerous side effects, especially because it runs package installation and git initialization without an explicit confirmation step. The skill context increases the risk because this is an agent-oriented automation tool that is likely to be run with developer privileges on a workstation.

Credential Access

High
Category
Privilege Escalation
Content
SUPABASE_SERVICE_KEY=your_service_role_key_here
`;

  await fs.writeFile(path.join(projectPath, '.env.local'), envTemplate);
  await fs.writeFile(path.join(projectPath, '.env.example'), envTemplate);
}
Confidence
81% confidence
Finding
.env.local'

Known Vulnerable Dependency: next==14.0.0 — 10 advisory(ies): CVE-2026-44573 (Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n); CVE-2026-44572 (Next.js's Middleware / Proxy redirects can be cache-poisoned); CVE-2025-48068 (Information exposure in Next.js dev server due to lack of origin verification) +7 more

High
Category
Supply Chain
Confidence
98% confidence
Finding
next==14.0.0

VirusTotal

66/66 vendors flagged this skill as clean.
