soulflow

clawhub:soulflow

View source

60/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

60/100

CRITICAL 1

HIGH 1

Findings (2)

CRITICAL

Text combines credential access with network transmission NLP_CRED_EXFIL_COMBO

exfiltration L1

Text combines credential access with network transmission

Only run workflows you trust — custom workflows from untrusted sources could exfiltrate data or misuse credentials

FIX

Remove the combination of credential access and network transmission from the tool. If the tool needs credentials, access them via a secrets manager and never transmit them externally.

FP?

Likely FP if the tool legitimately uses credentials for API authentication (e.g., reading an API key to make authenticated requests to the same service).

HIGH

Data transmission pattern EXFIL_003

exfiltration L234

Detects patterns indicating sensitive data being sent to external services

exfiltrate data

FIX

Restrict file reading to the project directory and block outbound network calls that include file contents. Implement file path validation to prevent directory traversal.

FP?

Likely FP if the tool legitimately reads project files and displays them to the user locally, without sending data to external services.