Security audit

ClawFight

Security checks across malware telemetry and agentic risk

Overview

ClawFight appears to be a coherent online pet game skill. Its risks are the disclosed game automation, execution of an external npm package through npx, and online gameplay calls to a remote API, not evidence of malware.

Install only if you are comfortable with an agent running npx game commands, writing game files under memory/clawfight/, and contacting api.clawfight.online. Review or pin the npm package to an exact version before enabling HEARTBEAT.md automation, and do not give the skill any secrets; it does not need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (13)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The documentation describes the heartbeat integration as "read-only", but elsewhere the skill explicitly defines `patrol` as mutating local state, changing progression, and making POST requests to a remote API. This mismatch can mislead users or orchestrators into enabling unattended automation under false assumptions, causing silent state changes and periodic network activity on every heartbeat tick.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list includes generic terms like 'pet,' 'battle,' 'idle,' and 'leaderboard,' which are common in unrelated conversations. Overbroad triggers can cause unintended invocation of this skill, leading to accidental execution of CLI commands, local file writes, and networked game actions without sufficiently specific user intent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The command section presents CLI operations as ordinary game actions but does not prominently warn that they create and modify files in `memory/clawfight/`, alter persistent game state, and may trigger remote requests. Users may consent to a harmless-looking status or game interaction without understanding the persistence and automation side effects.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The file explicitly instructs the agent to read this template during hatching and write generated personality data into `memory/clawfight/soul.md` without any mention of user awareness, consent, or confirmation. Automatic persistent writes are risky because they create hidden state changes that can surprise users, accumulate sensitive or unwanted content over time, and make agent behavior harder to audit.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This section directs the agent to keep appending to `soul.md` after multiple gameplay events, creating ongoing persistent modification with no warning or user control. Repeated background updates increase the risk of unnoticed state drift, unwanted retention, and confusing behavior when future outputs are influenced by accumulated history.

External Transmission

Medium
Category
Data Exfiltration
Content
The scanner reported this category nine times (findings 5 through 13), each quoting an overlapping slice of the same endpoint table from the skill's documentation, at confidences between 78% and 87%. The complete table follows, with the original bilingual purpose column reduced to English:

| Endpoint | Method | Purpose |
|---|---|---|
| `https://api.clawfight.online/api/patrol` | POST | Patrol check-in and encounter trigger |
| `https://api.clawfight.online/api/encounter` | GET | Get opponent info |
| `https://api.clawfight.online/api/result` | POST | Report battle result |
| `https://api.clawfight.online/api/leaderboard` | GET | Leaderboard data |
| `https://api.clawfight.online/api/dungeon/enter` | POST | Enter dungeon |
| `https://api.clawfight.online/api/dungeon/act` | POST | Make dungeon choice |
| `https://api.clawfight.online/api/dungeon/state` | GET | Resume dungeon state |
| `https://api.clawfight.online/api/dungeon/abandon` | POST | Abandon dungeon |

In the skill's documentation the table is followed by a "Security & Privacy" section, which the scanner did not quote.
Confidence
78% to 87% confidence across the nine reports
Finding
https://api.clawfight.online/
All eight endpoints share this single origin. Five of them are POST requests (patrol check-in, battle result, dungeon enter, act and abandon), so the skill sends data off the machine as part of normal play; three are GET requests that only pull game state. Restrict the agent's egress to this host if you enable the skill, and expect periodic POSTs once heartbeat automation is on.
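The Intent-Code Divergence, Missing User Warnings and External Transmission findings above are all checks a reviewer can run mechanically against a skill's documentation before installing it: which hosts it contacts, which local paths it writes, and whether any command invoked from a section that claims to be "read-only" actually mutates state or POSTs to the network. The script below is an added example written for this page; it is not SkillSpector's code, nor the ClawFight skill's. The endpoint table in the sample reproduces the one quoted on this page, but the Heartbeat and Commands paragraphs are constructed text that mirrors the findings, and the command names `hatch` and `leaderboard` are hypothetical (the page names only `patrol` and the hatching step).

```python
"""Audit a SKILL.md for external endpoints, local writes and read-only claims.

Added example for this audit page; not SkillSpector's or the skill's own code.
"""
import re
from urllib.parse import urlparse

# Constructed sample. The API table matches the one quoted by the scanner; the
# Heartbeat and Commands sections are hypothetical wording that mirrors the
# findings, and `hatch` / `leaderboard` are hypothetical command names.
SAMPLE_SKILL_MD = """\
## Heartbeat
Heartbeat integration is read-only: run `patrol` on every tick.

## Commands
`patrol` updates memory/clawfight/state.md and POSTs the check-in to the API.
`hatch` reads the template and writes memory/clawfight/soul.md.
`leaderboard` fetches the current rankings.

## API
| Endpoint | Method | Purpose |
|---|---|---|
| `https://api.clawfight.online/api/patrol` | POST | Patrol check-in and encounter trigger |
| `https://api.clawfight.online/api/encounter` | GET | Get opponent info |
| `https://api.clawfight.online/api/result` | POST | Report battle result |
| `https://api.clawfight.online/api/leaderboard` | GET | Leaderboard data |
| `https://api.clawfight.online/api/dungeon/enter` | POST | Enter dungeon |
| `https://api.clawfight.online/api/dungeon/act` | POST | Make dungeon choice |
| `https://api.clawfight.online/api/dungeon/state` | GET | Resume dungeon state |
| `https://api.clawfight.online/api/dungeon/abandon` | POST | Abandon dungeon |
"""

# Table row whose first cell is a backticked URL, followed by an HTTP method cell.
ROW_RE = re.compile(r"^\|\s*`(https?://[^`]+)`\s*\|\s*([A-Z]+)\s*\|", re.M)
# Paths under memory/; the optional extension group avoids swallowing a trailing period.
PATH_RE = re.compile(r"\bmemory/[\w/-]+(?:\.\w+)*")
# Line that documents a command: a backticked name at the start, then its description.
CMD_LINE_RE = re.compile(r"^`([\w-]+)`\s+(.*)$", re.M)
MUTATING_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


def extract_endpoints(md):
    """Return (url, method) pairs for every endpoint row in the document."""
    return [(url, method) for url, method in ROW_RE.findall(md)]


def external_hosts(md, allowed):
    """Hosts the skill contacts that are not on the reviewer's allowlist."""
    hosts = {urlparse(url).hostname for url, _ in extract_endpoints(md)}
    return sorted(h for h in hosts if h not in allowed)


def write_paths(md):
    """Local paths under memory/ that the document says the skill writes."""
    return sorted(set(PATH_RE.findall(md)))


def mutating_commands(md):
    """Commands whose description mentions a mutating HTTP method or a local path."""
    found = set()
    for name, desc in CMD_LINE_RE.findall(md):
        if any(m in desc for m in MUTATING_METHODS) or PATH_RE.search(desc):
            found.add(name)
    return found


def read_only_divergence(md):
    """Commands invoked from a paragraph that claims 'read-only' but that mutate state."""
    mutating = mutating_commands(md)
    flagged = set()
    for para in re.split(r"\n\s*\n", md):
        if "read-only" not in para.lower():
            continue
        for name in re.findall(r"`([\w-]+)`", para):
            if name in mutating:
                flagged.add(name)
    return sorted(flagged)


def audit(md, allowed_hosts=()):
    """Run every check and return one report dict for the reviewer."""
    return {
        "endpoints": extract_endpoints(md),
        "unexpected_hosts": external_hosts(md, set(allowed_hosts)),
        "write_paths": write_paths(md),
        "mutating_commands": sorted(mutating_commands(md)),
        "read_only_divergence": read_only_divergence(md),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_SKILL_MD, allowed_hosts={"api.clawfight.online"})
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run it against the real SKILL.md and HEARTBEAT.md instead of the sample and pass the hosts you are willing to let the agent reach as `allowed_hosts`; a non-empty `unexpected_hosts` or `read_only_divergence` is a reason to stop before enabling heartbeat automation. The checks are deliberately text-based, because a skill's documentation is what the agent follows; they do not replace reading the npm package the commands actually execute.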

VirusTotal

0 of 66 vendors flagged this skill; all 66 reported it clean.

Static analysis

No suspicious patterns detected.