AFFiNE Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AFFiNE CLI reference that can manage and delete workspace content, so it is appropriate only for users who intentionally want that level of access.

Install only if you trust the affine-cli npm package and want an agent or CLI to modify your AFFiNE workspace. Use a limited token where possible, prefer environment variables or a secure secret store, avoid inline tokens in shared logs, and require explicit confirmation before deletion, publishing, permanent cleanup, replacement, or bulk database operations.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (7)

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The skill advertises multiple destructive operations such as deleting documents, folders, files, collections, comments, and database rows, but provides no warning about irreversibility, scope, or confirmation practices. In an agent setting, this increases the risk of accidental or over-broad data loss if a user or downstream system invokes these commands without safeguards.

Missing User Warnings
Severity: Medium
Confidence: 91%
Finding: The skill tells users to authenticate using an API token and shows token-passing examples, but does not warn that the token is sensitive or should not be hardcoded, logged, pasted into shared terminals, or committed to files. This can lead to credential exposure and unauthorized access to AFFiNE workspaces.

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding: The documentation exposes an entire-database deletion command without any caution about irreversible data loss, confirmation safeguards, or advice to verify targets before execution. In an agent skill context, users may copy commands directly, so the omission of warnings materially increases the chance of accidental destructive actions against the wrong document or database.

Missing User Warnings
Severity: Medium
Confidence: 97%
Finding: The `database remove` command supports row deletion by query, enabling bulk destructive changes, yet the documentation provides no warning about accidental mass deletion or guidance for validating the selection first. This is especially risky because query-based targeting can match more rows than intended, causing silent data loss when users follow the examples as written.

Missing User Warnings
Severity: Medium
Confidence: 92%
Finding: The documentation exposes a destructive command (`tags delete`) without warning that it removes the tag entirely and may affect organization or discoverability across documents. In an agent skill context, terse command docs can be translated directly into actions, so the lack of cautionary language increases the chance of unintended destructive operations.

Missing User Warnings
Severity: Medium
Confidence: 94%
Finding: The `folder delete` command is documented without clarifying what happens to contained documents and subfolders, or warning that deletion changes workspace structure. In an agent-driven environment, missing safety notes can lead to accidental removal of important organizational data or cascading changes if the command is used blindly.

Missing User Warnings
Severity: Medium
Confidence: 96%
Finding: The `folder clear` command performs bulk cleanup of all empty folders but is presented without warning about irreversible workspace-wide changes. Bulk actions are especially risky in skills because an agent may execute them broadly from natural-language intent, magnifying the impact of a misunderstanding or a mis-targeted workspace.

VirusTotal

66/66 vendors flagged this skill as clean.