insecure-defaults

clawhub:insecure-defaults

View source

75/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

75/100

CRITICAL 1

LOW 1

Findings (2)

CRITICAL

Instruction override combined with dangerous operations NLP_OVERRIDE_DANGEROUS

prompt-injection L97

Instruction override combined with dangerous operations

Default Credentials: Hardcoded username/password pairs
→ Verify: Active in deployed config? No runtime override?
→ Skip: Disabled accounts, documentation examples

FIX

Remove language that attempts to override safety guidelines or bypass system-level controls. This pattern is a strong indicator of a jailbreak attempt.

FP?

Likely FP if the matched text is in a security research document or educational content clearly marked as an example rather than an active payload.

LOW

Unscoped Bash tool in allowed tools INDIRECT_010

command-execution L4

Detects skills that include unscoped Bash in their allowed tools list (not Bash(cmd:*) scoped)

allowed-tools:
  - Read
  - Grep
  - Glob
  - Bash

FIX

Scope the Bash tool to specific commands using allowedTools patterns (e.g., Bash(git *) instead of bare Bash). Remove blanket Bash access from allowed_tools lists.

FP?

Likely FP if the Bash entry in allowed_tools is part of a constrained configuration that limits commands elsewhere (e.g., via system prompt restrictions).