agentyard

clawhub:agentyard

View source

84/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

84/100

MEDIUM 2

Findings (2)

MEDIUM

Sensitive file read pattern EXFIL_002

exfiltration L60

Detects reads of sensitive system or credential files

cat ~/.config

FIX

Prevent the tool from reading environment variables and sending them to external endpoints. If env access is needed, restrict it to specific variable names via an allowlist.

FP?

Likely FP if the match is documentation about how to configure environment variables, not code that reads and transmits them.

MEDIUM

Sensitive file read pattern EXFIL_002

exfiltration L322

Detects reads of sensitive system or credential files

cat ~/.config

FIX

Prevent the tool from reading environment variables and sending them to external endpoints. If env access is needed, restrict it to specific variable names via an allowlist.

FP?

Likely FP if the match is documentation about how to configure environment variables, not code that reads and transmits them.