bitclawden

Security checks across malware telemetry and agentic risk

Overview

This Bitwarden helper can access and change vault credentials, but that sensitive access is clearly disclosed and matches its purpose.

Install only if you want an agent to operate on an unlocked Bitwarden vault. Keep BW_SESSION secret, review any create/edit/folder-move request before it is run, and consider installing or verifying the Bitwarden CLI yourself instead of relying on the unpinned curl installer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 79%
Finding
The skill includes create and edit operations for vault items but does not require explicit user confirmation before modifying stored credentials. In a credential-management context, silent or overly eager modification is risky because it can overwrite secrets, move items, or create incorrect entries that disrupt authentication and potentially lock users out of accounts.

VirusTotal

64/64 vendors flagged this skill as clean.
