gogcli

clawhub:gogcli

Grade: B (85/100)

First Seen: Feb 18, 2026
Last Scanned: Feb 22, 2026
Findings: 5 (HIGH 1, LOW 4)

Findings (5)

HIGH
Private data read with public output
Location: L46

The skill can read private data (credentials, SSH keys, environment variables) AND write to public channels (Slack, Discord, email). Together these form an exfiltration path: whatever the read side loads can end up in the message the write side sends.

Evidence: [reads_private_data] load OAuth client credentials + [writes_public_output] gmail send
FIX

Break the toxic data flow by adding validation and sanitization between the input source and the sensitive operation. Do not pass untrusted data directly to file system, network, or execution APIs. For this finding the source is the OAuth client credential load and the sink is gmail send, so the check belongs in front of the send: nothing read from the credential store, token cache, or environment should be able to reach the message body or attachments, and automated sends should require an explicit user action.

FP?

Likely FP if the data flow involves only trusted, hardcoded values and the taint analysis over-approximated the untrusted input sources. Confirm by checking whether the credentials loaded at L46 are used only to authenticate the API client and never flow into message content.
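How a finding like the one above is derived, as an added example written for this page (it is not the scanner's own code, nor part of gogcli): a minimal version of the "private read AND public write" rule, run over a constructed SKILL.md excerpt modelled on the evidence strings in this report. The function name scan_skill, the two regexes, and the sample lines are assumptions; the real scanner's taint analysis is not published here. Printing each matching line with its class is what makes FP triage possible, since you can see exactly which read and which write were paired.

```shell
#!/bin/sh
# Added example, not the scanner's or gogcli's own code: a minimal version of the
# "private data read with public output" rule, run over a constructed excerpt.
# The regexes below are assumptions chosen to match the evidence on this page.

PRIVATE_READ_RE='oauth client credentials|credentials\.json|client_secret|token\.json|~/\.ssh|id_rsa|[$][A-Z_]*(TOKEN|SECRET|PASSWORD|KEY)'
PUBLIC_WRITE_RE='gmail send|(slack|discord) [a-z ]*(post|send|message)|webhook|sendmail'

# scan_skill FILE: prints every matching line tagged with its class and returns
# 2 when both a private read and a public write are present (the HIGH
# combination), 1 when only a public write is present (LOW), 0 otherwise.
scan_skill() {
  file=$1
  reads=0
  writes=0
  n=0
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    if printf '%s\n' "$line" | grep -Eiq "$PRIVATE_READ_RE"; then
      echo "L$n [reads_private_data] $line"
      reads=1
    fi
    if printf '%s\n' "$line" | grep -Eiq "$PUBLIC_WRITE_RE"; then
      echo "L$n [writes_public_output] $line"
      writes=1
    fi
  done < "$file"
  if [ "$reads" -eq 1 ] && [ "$writes" -eq 1 ]; then
    echo "HIGH: private data read with public output"
    return 2
  fi
  if [ "$writes" -eq 1 ]; then
    echo "LOW: unrestricted email or messaging access"
    return 1
  fi
  echo "no toxic flow found"
  return 0
}

# Constructed SKILL.md excerpt (not the real gogcli skill file), written to a
# temp file so the example runs stand-alone.
demo=$(mktemp)
cat > "$demo" <<'EOF'
1. brew install gogcli
2. git clone https://github.com/steipete/gogcli.git && make install
3. Load OAuth client credentials from credentials.json
4. gog gmail search 'is:unread' --max 20
5. gog gmail send --to "$RECIPIENT" --subject "Digest" --body "$DIGEST"
EOF
scan_skill "$demo" || echo "exit=$?"
rm -f "$demo"
```

Lines 3 and 5 of the constructed excerpt are what pair up into the HIGH result; line 4 alone would only produce the LOW messaging finding, and lines 1 and 2 are outside this rule entirely.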

LOW
System package manager install
Location: L15

Detects system-level package installation via brew, apt, yum, or dnf.

Evidence: brew install s
FIX

Pin system packages to specific versions where the package manager supports it. Document the exact packages required and prefer containerized environments to avoid system-wide changes.

FP?

Likely FP if the match is standard setup documentation listing well-known system packages (e.g., apt install git curl) that are prerequisites.

LOW
Git clone and execute chain
Location: L21

Detects git clone of a repository followed by execution of the cloned content.

Evidence: git clone https://github.com/steipete/gogcli.git + make install
FIX

Pin the clone to a release tag or full commit hash and verify it (git verify-tag where the project signs tags, or compare the checked-out hash against a value recorded out of band) before running make install. Review the Makefile and any scripts it invokes: make install executes whatever the repository contains with the installing user's privileges, and a clone of the default branch picks up whatever was pushed last. Where the project publishes signed release artifacts or a package with a checksum, prefer those over building from a mutable branch.

FP?

Likely FP if the clone and build are the tool's own documented install path from its upstream repository (as here, steipete/gogcli) rather than an arbitrary third-party repository. The build still runs repository content locally, so the pinning advice above applies either way.

LOW
Unrestricted email or messaging access
Location: L58

Detects CLI tools granting unrestricted send/read access to email or messaging.

Evidence: gmail search 'is:unread' --max
FIX

Restrict email and messaging API access to user-initiated actions. Prevent automated sending that could exfiltrate data via email body or attachments. The call flagged here is a read (gmail search), which hands mailbox contents to the skill; request the narrowest Gmail OAuth scope the skill needs, and treat fetched mail as untrusted input before it reaches any other tool or an outbound message.

FP?

Likely FP if the skill is an email client or messaging tool whose documented purpose is to send messages on behalf of the user.

LOW
Unrestricted email or messaging access
Location: L66

Detects CLI tools granting unrestricted send/read access to email or messaging.

Evidence: gmail search 'query' --max
FIX

Restrict email and messaging API access to user-initiated actions. Prevent automated sending that could exfiltrate data via email body or attachments. As with the previous finding, the flagged call is a read (gmail search with a caller-supplied query); request the narrowest Gmail OAuth scope the skill needs, and treat fetched mail as untrusted input before it reaches any other tool or an outbound message.

FP?

Likely FP if the skill is an email client or messaging tool whose documented purpose is to send messages on behalf of the user.