agorahub

clawhub:agorahub

View source

92/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

92/100

MEDIUM 1

LOW 1

Findings (2)

MEDIUM

Base64-encoded instructions PROMPT_INJECTION_009

prompt-injection L135

Detects instructions to decode and execute base64 content

decoder_decode","arguments":{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

FIX

Remove text that simulates multi-turn conversations or fake user/assistant message pairs. These patterns attempt to manipulate the agent by fabricating conversation history.

FP?

Likely FP if the matched text is documentation showing example conversations or API request/response formats for illustration purposes.

LOW

JWT token CRED_010

credential-leak L135

Detects JWT tokens

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

FIX

Remove hardcoded JWT tokens from the skill definition. Generate tokens dynamically at runtime and set appropriate expiration times.

FP?

Likely FP if the matched text is a documentation example showing JWT structure with clearly fake values, or an expired demo token.