ClawHub

Identitygram Signin

Security checks across malware telemetry and agentic risk

Overview

This sign-in skill does what it says, but it handles your IdentityGram password and returns login tokens that must be protected.

Install only if you trust the publisher and the IdentityGram endpoint. Expect your email and password to be sent to IdentityGram over the network, and treat any returned access or refresh token like a password: do not expose it in chats, logs, screenshots, or unrelated tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly instructs that user email and password are sent to a third-party remote endpoint, but it provides no privacy, consent, retention, or secure-handling warning. In a credential-handling skill, that omission is security-relevant because users or integrators may transmit highly sensitive authentication data without understanding where it goes, how it is protected, or whether returned tokens must be handled securely.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly accepts user credentials and returns raw authentication responses plus tokens, but provides no safeguards around secret handling, redaction, storage, or logging. In an agent ecosystem, exposing `raw`, `token`, `accessToken`, and `refreshToken` materially increases the chance of credential or session-token leakage through logs, traces, downstream tools, or prompt outputs.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
This skill collects highly sensitive credentials and transmits them to a remote service, then exposes authentication tokens in its response mapping, yet provides no explicit user-facing warning or consent boundary about credential handling. In an agent context, this increases the risk of users unknowingly providing passwords and of downstream components accessing reusable access or refresh tokens.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal