Clawstars

Security checks across malware telemetry and agentic risk

Overview

The skill matches its SocialFi trading purpose, but it asks agents to run recurring remote-updated instructions that can trade with a wallet and post or engage publicly.

Install only if you intend to run an autonomous ClawStars trading and social agent. Pin or manually review heartbeat updates before following them, keep wallet signing behind tight budgets or approvals, and treat the ClawStars API key and CDP/wallet credentials as high-risk secrets.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 77% confidence
Finding: The heartbeat guidance instructs the agent to periodically fetch and follow a remote `heartbeat.md` file. That creates a dynamic remote-instruction channel: the skill can change behavior after installation without user review, and an agent that blindly 'follows it' may execute newly introduced actions including posting, trading, or secret-bearing API calls. In a security context, broad recurring remote fetch-and-follow behavior is risky even if the current domain is consistent and the document contains some safety guidance.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal