Gotchi Equip

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it lets a user inspect and change Aavegotchi wearables through Bankr-backed transactions.

Install only if you are comfortable letting the skill use your Bankr API key to submit Aavegotchi wearable transactions. Review the gotchi ID and slot changes carefully before running equip or unequip-all, because those commands can change on-chain wearable state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 86%
Finding:
The skill declares required binaries and environment variables and explicitly references shell scripts, but it does not declare permissions for shell execution. This creates a trust and review gap: users or platforms may underestimate the skill's execution capabilities, even though it can invoke local commands, access secrets such as BANKR_API_KEY, and interact with external services.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding:
The function searches multiple locations outside the immediate invocation context for a Bankr API key, including the systemd user environment and other local skill config files. That broad credential discovery behavior can silently appropriate secrets from unrelated contexts and exceeds what a narrowly scoped wearable-management skill should do.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The script reads a sensitive API key from environment/config locations without any notice, prompt, or clear disclosure to the user. Silent secret harvesting increases the risk of unintended credential use and makes it harder for operators to understand what sensitive data the skill accesses.

VirusTotal

65/65 vendors flagged this skill as clean.