jobtread-api

clawhub:jobtread-api

B (85/100)

First Seen: Feb 18, 2026

Last Scanned: Feb 22, 2026

Findings: 2

Score: 85/100

HIGH: 1
LOW: 1

Findings (2)

HIGH: Read external content and apply as rules (L243)

Detects skills that read remote markdown or documentation and apply it as operational rules

Match: read UI to create a webhook (Web + Use a secure file such as `~/.config

FIX

Treat tool outputs as untrusted data. Do not act on directives found in tool responses without explicit user confirmation. Implement output validation before acting on tool results.

FP?

Likely FP if the match is a skill description explaining that it processes tool outputs, rather than a payload designed to hijack the agent via tool responses.

LOW: Runtime URL controlling behavior (L205)

Detects URLs fetched at runtime that control or influence agent behavior without pinning

Match: Get document PDF token (append to `https:// + config

FIX

Avoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.

FP?

Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.