guard-scanner

clawhub:guard-scanner

View source

70/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

70/100

HIGH 2

Findings (2)

HIGH

Private data read with code execution TOXIC_002

toxic-flow L127

Skill can read private data AND execute arbitrary code. This combination enables credential theft via dynamic code.

[reads_private_data] read or process any secrets + [executes_code] eval(

FIX

Add input validation between the user-controlled data source and the security-sensitive sink (e.g., file writes, command execution). Implement allowlisting for acceptable input patterns.

FP?

Likely FP if the user input passes through explicit validation or sanitization before reaching the sensitive operation, and the taint tracker missed the sanitization step.

HIGH

DNS exfiltration pattern EXFIL_004

exfiltration L99

Detects DNS-based data exfiltration techniques

DNS tunnel

FIX

Limit clipboard access to write-only operations or require explicit user confirmation before reading clipboard contents. Block transmission of clipboard data to external endpoints.

FP?

Likely FP if the skill is a clipboard manager whose documented purpose is to sync clipboard content with the user's own devices.