github-passwordless-setup
github-passwordless-setup · v · by
59.6
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 30.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 100.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 0.0 | 15% |
| Twostage | 5.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 30
[CRITICAL] Remote code download and execution via curl pipe
(line 34)
curl -fsSL https://raw.githubusercontent.com/happydog-intj/github-passwordless-setup/master/setup.sh | bash
[CRITICAL] Remote script download piped to shell execution
(line 34)
curl -fsSL https://raw.githubusercontent.com/happydog-intj/github-passwordless-setup/master/setup.sh | bash
[MEDIUM] Fetching content from non-OpenClaw GitHub repositories
(line 34)
curl -fsSL https://raw.githubusercontent.com/happydog-intj/github-passwordless-setup/master/setup.sh | bash
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 100
No findings.
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 5
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 34)
curl -fsSL https://raw.githubusercontent.com/happydog-intj/github-passwordless-setup/master/setup.sh | bash
CREDENTIAL — Score: 0
[CRITICAL] SSH key file access or exfiltration
(line 68)
- Press Enter for default location (`~/.ssh/id_ed25519`)
[CRITICAL] SSH key file access or exfiltration
(line 76)
cat ~/.ssh/id_ed25519.pub | pbcopy
[CRITICAL] SSH key file access or exfiltration
(line 79)
cat ~/.ssh/id_ed25519.pub | xclip -selection clipboard
[CRITICAL] SSH key file access or exfiltration
(line 82)
cat ~/.ssh/id_ed25519.pub | xsel --clipboard
[CRITICAL] SSH key file access or exfiltration
(line 85)
cat ~/.ssh/id_ed25519.pub
[CRITICAL] SSH key file access or exfiltration
(line 250)
SSH_KEY=$(cat ~/.ssh/id_ed25519.pub)
[CRITICAL] SSH key file access or exfiltration
(line 253)
SSH_KEY=$(cat ~/.ssh/id_rsa.pub)
[CRITICAL] SSH key file access or exfiltration
(line 257)
SSH_KEY=$(cat ~/.ssh/id_ed25519.pub)
[CRITICAL] SSH key file access or exfiltration
(line 385)
cat ~/.ssh/config
[CRITICAL] SSH key file access or exfiltration
(line 490)
cat ~/.ssh/id_ed25519.pub | pbcopy
TYPOSQUAT — Score: 100
No findings.