ClawHub

Monetize Service

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent guide for building an x402 paid API, with disclosed real-payment and broad command risks users should review.

Install this only if you intend to build a payment-gated API. Review npm packages and curl targets before running them, prefer Base Sepolia for testing, keep CDP and wallet credentials in environment variables or a secret manager, and require explicit confirmation before any mainnet payment, public deployment, or paid test request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill description contains very broad invocation phrases such as 'make money', 'earn money', and 'sell a service', which can cause the skill to trigger in contexts far beyond explicit intent to deploy a paid x402 API. Over-broad activation increases the chance an agent will surface or execute monetization/deployment guidance unexpectedly, which is risky because the skill leads users toward creating public paid endpoints and handling real payment flows.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The instructions immediately direct the user to create an x402 payment server on Base mainnet and later mention authenticated facilitator use, but they do not warn that this can expose a real paid endpoint, receive real USDC, or require careful handling of payment-related credentials and wallet state. In an agent skill context, omission of these warnings is dangerous because users may follow the steps non-interactively and unintentionally deploy a real-money service or mishandle secrets such as CDP API credentials.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal