ClawHub

Qlik Cloud

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned for Qlik Cloud, but it asks for broad tenant credentials and documents high-impact actions without clear safety controls.

Review before installing. Use only with a least-privilege Qlik API key, avoid storing secrets in shared or committed files, and require explicit confirmation before deleting apps, triggering or canceling reloads, running automations, or triggering alerts. Verify the missing scripts from a trusted source before providing credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The invocation description is broad enough to match generic analytics, dashboard, or business-data requests, which can cause the agent to select this skill in situations where the user did not explicitly intend to access Qlik Cloud. Because this skill exposes tenant-wide search, user/governance, lineage, and state-changing actions, overbroad routing increases the chance of unintended data access or operational changes.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This section documents destructive and state-changing operations such as app creation, deletion, reload triggering, and reload cancellation without any caution, confirmation, or authorization guidance. In an agent context, these actions can materially alter production analytics assets or interrupt business reporting if invoked from ambiguous prompts or by users who should only have read-only workflows.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation includes automation execution and alert triggering without warning that these operations may run workflows, send notifications, or consume external integrations and platform resources. In practice, these capabilities can have real downstream side effects beyond Qlik itself, making silent invocation risky in an autonomous or semi-autonomous agent environment.

Missing User Warnings

Low
Confidence
81% confidence
Finding
The setup instructions tell users to place a Qlik API key in configuration and shell environment examples but provide no warning about secret handling, storage, rotation, or log exposure. In skill ecosystems, users often paste credentials into shared files, prompts, terminals, or telemetry-enabled environments, which increases the likelihood of credential leakage and subsequent tenant compromise.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal