ClawHub

Authenticate Wallet

Security checks across malware telemetry and agentic risk

Overview

This wallet-authentication skill is purpose-aligned, but it should be reviewed because it can guide an agent through sensitive email/OTP-based login with loose activation language.

Install only if you want agents to help authenticate this wallet. Before use, confirm each login attempt yourself, prefer entering OTPs directly rather than handing them to the agent, and treat any email address, one-time code, or resulting wallet session as sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description uses broad triggers such as "log in, sign in, connect, or set up the wallet" and "when any wallet operation fails," which can cause the agent to invoke this skill in many ordinary wallet-related contexts. Because the skill initiates an authentication flow and can lead to handling sensitive factors like email addresses and OTPs, overly loose matching increases the chance of unnecessary or premature auth actions and exposure of sensitive authentication data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation explicitly states that the agent may authenticate using access to email or ask the human for the OTP, but it does not include a clear warning that email addresses and one-time passcodes are highly sensitive authentication secrets. This creates a real risk that the agent will request, process, or expose MFA credentials in an unsafe way, potentially enabling account compromise or violating privacy expectations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal