byterover

Fail

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded API key is present in the docker-compose.yml file as a default value for an environment variable.
  • Evidence: BRV_API_KEY=${BRV_API_KEY:-3vkIgJ0NXwXknDTVnshAhCCocdAscVbdOqq3Vj7QKXc}
  • [COMMAND_EXECUTION]: The skill provides helper scripts that take user-supplied input and interpolate it directly into shell commands executed via docker-compose exec. This pattern is susceptible to command injection if the input is not strictly validated or escaped.
  • Evidence: docker-compose exec -T byterover brv query "$QUERY" --headless --format json in scripts/query.sh and similar patterns in scripts/curate.sh.
  • [EXTERNAL_DOWNLOADS]: The Dockerfile installs the byterover-cli package from the public NPM registry at build time without specifying a version or verifying integrity hashes.
  • Evidence: RUN npm install -g byterover-cli in Dockerfile.
  • [DATA_EXPOSURE]: The skill's operational scripts read sensitive configuration data, including API keys, from a local file located at ~/.clawdbot/byterover-config.json.
  • Evidence: CONFIG=$(cat ~/.clawdbot/byterover-config.json) in multiple scripts under the scripts/ directory.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 19, 2026, 07:33 AM