ClawHub

readx

Security checks across malware telemetry and agentic risk

Overview

readx is a coherent Twitter/X analysis skill, but users should handle its readx API key carefully because setup can expose or store that credential.

Install only if you trust readx.cc with your Twitter/X data queries and API usage. Prefer an environment variable or secure config for READX_API_KEY, avoid sharing MCP config files or screenshots containing the key, rotate the key if exposed, and be mindful that broad or parallel analyses may use API credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to place the API key directly in the MCP server URL query string. Query-string credentials are commonly exposed through shell history, editor config files, logs, process listings, browser/history artifacts, screenshots, and shared configuration repositories, so this guidance increases the likelihood of accidental credential disclosure. Because this skill relies on a remote MCP server, exposure of the key could allow unauthorized use of the user's account or API quota.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The setup trigger conditions are broad enough that the skill may activate credential collection or configuration flows on loosely related prompts, such as generic Twitter discussion or transient tool errors. In a skill that handles API keys and remote MCP configuration, overbroad triggering increases the chance of unnecessary secret requests, unintended persistence, or accidental connection to an external service without clear user intent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to persist API keys to disk if absent, but does not require a prominent warning about local credential-storage risk, file permissions, multi-user systems, or plaintext exposure. Because this skill explicitly handles a reusable secret for a third-party service, silent or underexplained persistence can lead to credential theft from local files, backups, shared environments, or later prompt-induced disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal