hello-example

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill has no executable behavior, but the published package includes a file it explicitly says should not be published, containing secret-like content.

This does not look like active malware because there is no code or install step, but the package should be reviewed before use because it includes a file that was supposed to be excluded. The publisher should remove secret.md and verify the ignore mechanism before republishing.

Static analysis

Exposed secret literal

Critical
Finding
File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users receive content that was intended not to be published; if this were a real secret file, installing or sharing the package could expose private configuration or credentials.

Why it was flagged

The file is present in the supplied package even though it identifies itself as a file that should have been excluded, indicating a packaging or ignore-rule failure.

Skill content

# SECRET — This file should NOT be published

Recommendation

Do not publish this package as-is. Remove secret.md, verify .clawhubignore behavior, republish, and rotate any real secrets if they were ever included.

What this means

The package may expose private-looking configuration examples and could confuse users about whether real credentials were leaked.

Why it was flagged

The included file contains a local private-looking path and an API-key-shaped value. The value is labeled fake and no code uses it, so this is a credential-exposure hygiene issue rather than proven account access.

Skill content

vault_path: /Users/hsw/super/private/path
api_key: this-is-fake-but-should-be-excluded

Recommendation

Keep secret-like examples out of published artifacts, use clearly non-secret placeholders, and ensure any real keys are revoked if accidentally published.