Anytype

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Anytype integration, but it ships private-looking setup data and gives agents broad read/write/delete access to an Anytype workspace.

Review before installing. Replace or remove the bundled SETUP.md values, use only your own Anytype space configuration, create a dedicated bot account with the least access practical, store the API key securely, and require explicit confirmation before delete/recreate or other destructive Anytype operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The documentation is internally inconsistent: it first presents PATCH with a markdown body as an update mechanism, then later states PATCH cannot update content and only delete-and-recreate works. This can mislead an agent or operator into believing content was updated when it was silently ignored, creating integrity and operational risk around important knowledge records.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The setup directs users to append a live API key into a local .env file without warning about filesystem exposure, shell history, permissions, backups, or multi-user access. Storing bearer credentials in plaintext can lead to unauthorized API access if the workstation or workspace directory is exposed.

Credential Access

High
Category
Privilege Escalation
Content
def load_api_key():
    if "ANYTYPE_API_KEY" in os.environ:
        return os.environ["ANYTYPE_API_KEY"]
    env_path = os.path.expanduser("~/.openclaw/workspace/.env")
    if os.path.exists(env_path):
        for line in open(env_path):
            if line.strip().startswith("ANYTYPE_API_KEY="):
Confidence
87% confidence
Finding
.env"

VirusTotal

66/66 vendors flagged this skill as clean.
