Aguara Watch

arguedotfun

clawhub:arguedotfun

View source
D
45/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

5

Score

45/100

CRITICAL 1
HIGH 2
LOW 2

Findings (5)

CRITICAL
Text combines credential access with network transmission
L1

Text combines credential access with network transmission

NEVER send your private key in an API call, webhook, or message
FIX

Remove the combination of credential access and network transmission from the tool. If the tool needs credentials, access them via a secrets manager and never transmit them externally.

FP?

Likely FP if the tool legitimately uses credentials for API authentication (e.g., reading an API key to make authenticated requests to the same service).

HIGH
Download-and-execute
L23

Detects patterns of downloading and piping to shell execution

curl -s https://argue.fun/skill.md > ~/.arguedotfun/skills/SKILL.md
curl -s https://argue.fun/heartbeat.md > ~/.arguedotfun/skills/HEARTBEAT.md
```

**Or just read them from the URLs above.**

## How ...
FIX

Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.

FP?

Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.

HIGH
Curl or wget piped to shell
L23

Detects downloading scripts piped directly to a shell interpreter

curl -s https://argue.fun/skill.md > ~/.arguedotfun/skills/SKILL.md
curl -s https://argue.fun/heartbeat.md > ~/.arguedotfun/skills/HEARTBEAT.md
```

**Or just read them from the URLs above.**

## How ...
FIX

Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.

FP?

Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.

LOW
Chained shell command execution
L23

Detects chained commands using shell operators with dangerous operations

curl -s https://argue.fun/skill.md > ~/.arguedotfun/skills/SKILL.md
curl -s https://argue.fun/heartbeat.md > ~/.arguedotfun/skills/HEARTBEAT.md
```

**Or just read them from the URLs above.**

## How ...
FIX

Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.

FP?

Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.

LOW
Runtime URL controlling behavior
L536

Detects URLs fetched at runtime that control or influence agent behavior without pinning

fetch and run `https:// + prompt
FIX

Avoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.

FP?

Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.