ClawHub

Tene CLI — Local-First Secrets

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill for using the Tene secret manager, and its sensitive behavior is disclosed and aligned with that purpose.

Install this only if you intend to use Tene for project secrets. Review the exact commands before allowing an agent to run them, especially imports, deletes, deploys, and production runs. Prefer verifying imported key names and keeping a temporary backup before deleting any .env files, and do not paste secret values, master passwords, or recovery phrases into chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The activation criteria are extremely broad for a secret-management skill, causing it to trigger on generic mentions of secrets, tokens, environment variables, or commands that may not actually involve tene. This can redirect unrelated workflows into this skill, increasing the chance the agent requests, handles, or transforms sensitive material unnecessarily.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example trigger phrases include ordinary requests like storing a key or injecting env vars, which are common across many tools and contexts. Ambiguous invocation boundaries make accidental activation likely, exposing users to tool-specific guidance and secret-handling flows when a different secret store or a non-secret task may be intended.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The example directs deletion of the plaintext `.env` file immediately after import without an explicit confirmation or backup-validation step. In an agentic context, that can cause irreversible data loss if import failed, imported incomplete values, or targeted the wrong file, especially because the agent is shown executing `rm .env` non-interactively.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal