ClawHub

1password.Bak

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate 1Password CLI helper, but it gives an agent sensitive vault access and includes examples that can expose secrets in output or files.

Install only if you deliberately want an agent helping with 1Password CLI tasks. Approve access for a specific account and item, avoid commands that print secrets such as printenv or --no-masking, avoid writing keys or passwords to disk unless you requested it, and make sure tmux sessions and generated files are cleaned up after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The examples demonstrate commands that reveal secrets in terminal output and write secret material to local files, but they provide no warning about the exposure risks. In a credential-management skill, this is dangerous because users may copy the examples directly, causing secrets to be logged in shell history, CI output, screenshots, or left on disk with weak permissions.

Env Variable Harvesting

High
Category
Data Exfiltration
Content
## Run

- `export DB_PASSWORD="op://app-prod/db/password"`
- `op run --no-masking -- printenv DB_PASSWORD`
- `op run --env-file="./.env" -- printenv DB_PASSWORD`

## Inject
Confidence
98% confidence
Finding
printenv DB_PASSWORD

Env Variable Harvesting

High
Category
Data Exfiltration
Content
- `export DB_PASSWORD="op://app-prod/db/password"`
- `op run --no-masking -- printenv DB_PASSWORD`
- `op run --env-file="./.env" -- printenv DB_PASSWORD`

## Inject
Confidence
86% confidence
Finding
printenv DB_PASSWORD

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal