doubleword

clawhub:doubleword

View source

100/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

100/100

LOW 2

Findings (2)

LOW

Runtime URL controlling behavior THIRDPARTY_001

third-party-content L118

Detects URLs fetched at runtime that control or influence agent behavior without pinning

load through the Batches section at https:// + settings

FIX

Avoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.

FP?

Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.

LOW

pip install arbitrary package EXTDL_009

external-download L319

Detects pip install of arbitrary packages that modify the host environment

pip install au

FIX

Pin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.

FP?

Likely FP if the match is in documentation showing how to install the skill's own PyPI package.