byterover
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Categories: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): A hardcoded API key (`3vkIgJ0NXwXknDTVnshAhCCocdAscVbdOqq3Vj7QKXc`) is present in the `docker-compose.yml` file as a default environment variable value.
- [COMMAND_EXECUTION] (HIGH): Multiple bash scripts in the `scripts/` directory (e.g., `query.sh`, `curate.sh`, `sync.sh`) execute `docker-compose exec` on the host system, creating a significant command execution surface that could be exploited via unsanitized input.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The `Dockerfile` performs a global installation of the `byterover-cli` package from npm during the build process. This package is not from a verified trusted source.
- [DATA_EXFILTRATION] (MEDIUM): The skill's helper scripts read sensitive API configuration and credentials from the host filesystem at `~/.clawdbot/byterover-config.json` to facilitate communication with the external `byterover.dev` domain.
Recommendations
- AI detected serious security threats
Audit Metadata