ClawHub

禅道-ZenTao

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed ZenTao API integration, but it requires ZenTao credentials and includes create/update/delete capabilities that users should control carefully.

Before installing, confirm you are comfortable storing ZenTao credentials in TOOLS.md, use a least-privilege account, and carefully review any create/update/delete operation before confirming it.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI03: Identity and Privilege Abuse
Medium
What this means

If configured with a powerful ZenTao account, the agent could access or modify sensitive project-management data through that account.

Why it was flagged

The skill requires ZenTao account credentials to authenticate to the user's ZenTao instance. This is purpose-aligned for an API integration, but it grants whatever ZenTao permissions that account has.

Skill content
ZenTao API credentials are stored in the `TOOLS.md` file ... - **Username:** <your-username> - **Password:** <your-password>
Recommendation

Use a least-privilege ZenTao account, protect TOOLS.md, and do not commit or share the credential file.

#
ASI02: Tool Misuse and Exploitation
Medium
What this means

Confirmed actions could create, change, or delete ZenTao business records and users.

Why it was flagged

The skill documents broad mutation authority over ZenTao users and project-management objects. It also states these actions require confirmation, making this disclosed and purpose-related rather than hidden.

Skill content
Action Operations (Confirmation Required) ... Create user ... Update user info ... Delete user ... Create project ... Update project ... Delete project
Recommendation

Review every proposed create/update/delete action before confirming, and prefer a read-only ZenTao account if you only need queries.

#
ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The skill may fail until the missing dependency is installed, and users may need to verify what they install.

Why it was flagged

The code imports httpx, but the provided requirements.txt only lists requests and beautifulsoup4. This looks like an incomplete dependency declaration rather than malicious behavior.

Skill content
import requests
import httpx
Recommendation

Install dependencies from trusted package indexes and confirm whether httpx is required before use.