byterover
Fail
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: A hardcoded API key is present in the `docker-compose.yml` file as a default value for an environment variable.
  - Evidence: `BRV_API_KEY=${BRV_API_KEY:-3vkIgJ0NXwXknDTVnshAhCCocdAscVbdOqq3Vj7QKXc}`
- [COMMAND_EXECUTION]: The skill provides helper scripts that take user-supplied input and interpolate it directly into shell commands executed via `docker-compose exec`. This pattern is susceptible to command injection if the input is not strictly validated or escaped.
  - Evidence: `docker-compose exec -T byterover brv query "$QUERY" --headless --format json` in `scripts/query.sh` and similar patterns in `scripts/curate.sh`.
- [EXTERNAL_DOWNLOADS]: The Dockerfile installs the `byterover-cli` package from the public NPM registry at build time without specifying a version or verifying integrity hashes.
  - Evidence: `RUN npm install -g byterover-cli` in `Dockerfile`.
- [DATA_EXPOSURE]: The skill's operational scripts read sensitive configuration data, including API keys, from a local file located at `~/.clawdbot/byterover-config.json`.
  - Evidence: `CONFIG=$(cat ~/.clawdbot/byterover-config.json)` in multiple scripts under the `scripts/` directory.
Recommendations
- AI detected serious security threats