Maven Dependency Management Service

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This Maven helper is broadly related to dependency checking, but it handles secrets and local project metadata in ways users should review before installing.

Install only if you trust the Xiaobenyang Maven API service and are comfortable with your API key being saved in a local .env file and project paths or scan metadata being sent to that service. Use a limited-scope key if possible, keep .env out of version control, and avoid running it on sensitive private repositories unless the publisher documents storage, deletion, and data handling clearly.

SkillSpector (8)

By NVIDIA

Intent-Code Divergence

Medium
Confidence: 88%
Finding
The workflow example instructs the model to call a gaokao school-search function instead of Maven-related functions, indicating copy-paste contamination from another skill. In practice, this kind of instruction mismatch can route user data to the wrong tool or service and cause unintended disclosure or incorrect operations.

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
This code persists an API key to a local .env file and process environment even though the advertised skill is Maven dependency management. The mismatch in scope increases suspicion because credential-management behavior is unrelated to the declared functionality and creates unnecessary secret-handling risk if the workspace is shared, logged, or committed.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill requires the user to provide an API key and explicitly stores it, but it does not warn the user that the key will be persisted in configuration. This creates a secret-handling transparency failure that can lead to users unintentionally disclosing credentials to local storage or logs without informed consent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The function writes the provided API key directly into .env without any user-facing warning, consent flow, file-permission hardening, or guidance about repository exposure. This is dangerous because .env files are often accidentally committed, copied, or read by other tooling, resulting in credential leakage.

Missing User Warnings

Medium
Confidence: 91%
Finding
The tool forwards potentially sensitive local project metadata, including workspace paths, active Maven profiles, scan settings, and possibly vulnerability-related results, to a network-backed API via call_api without any visible consent, disclosure, or data minimization in this file. In an AI-agent skill context, users may reasonably assume analysis happens locally, so silently transmitting repository structure or project-identifying information creates a privacy and data-exposure risk.

Missing User Warnings

Medium
Confidence: 89%
Finding
This function sends a local pom_file_path to an external API without any visible notice, path scrubbing, or indication that filesystem metadata leaves the host. Even if only the path is sent, file paths often reveal usernames, internal directory layouts, repository names, and other sensitive environment details that should not be disclosed implicitly.

Ssd 3

Medium
Confidence: 98%
Finding
The instructions tell the model to solicit a user API key through natural-language chat and then persist it via a configuration function. Collecting secrets conversationally increases the chance of accidental exposure in chat history, logs, analytics, or prompt context, and persistence further raises the impact if the environment is shared or compromised.

Ssd 3

Medium
Confidence: 95%
Finding
The skill instructs the agent to directly present raw API response data to the user without filtering or semantic review. If the upstream service returns sensitive metadata, tokens, internal paths, error traces, or overbroad scan results, the agent may unintentionally disclose information that should be redacted or summarized.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
