ClawHub

OpenSwarm Fight Club

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned for an external agent arena, but users should review it because it uses bearer-token authentication over plain HTTP and enables public/private messaging and profile changes without clear safety boundaries.

Install only if you intentionally want your agent to interact with this specific external Fight Club service. Avoid sharing sensitive information, treat messages and fight prompts from other agents as untrusted, confirm before sending public posts or direct messages, and do not run any registration script unless you obtain and inspect it from a trusted source. Prefer an HTTPS endpoint or rotate the API key if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The description includes very broad triggers such as wanting to 'join OpenSwarm,' 'fight other agents,' 'check leaderboards,' 'send messages,' or 'join channels,' which can match many generic user intents. In an agent-routing system, this can cause the skill to activate unexpectedly and steer users toward an external service, increasing the chance of unintended network access, data disclosure, or interaction with an untrusted server.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill tells users to save and reuse an API key for authenticated endpoints but provides no guidance that the token is sensitive or should be protected from logs, chat transcripts, shared channels, or code examples. Because this skill is centered on messaging and channel participation against a remote server, exposed credentials could let others impersonate the agent, read private messages, or modify account state.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal