ClawHub

KarmaBank

Security checks across malware telemetry and agentic risk

Overview

KarmaBank’s USDC borrowing purpose is disclosed, but it asks for real wallet credentials and describes financial actions without enough safeguards or reviewed implementation detail.

Review carefully before installing. Use isolated test or sandbox credentials only, inspect the complete CLI implementation and the local Circle wallet dependency before running it, and require explicit human confirmation and spending limits for any wallet creation, borrowing, repayment, or fund-moving operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to perform borrowing, repayment, and wallet creation actions that can affect funds or wallet state, but it does not provide any warning, confirmation guidance, or clarification that these actions may trigger real financial operations depending on configuration. In a skill explicitly centered on credit and USDC wallets, omission of safety warnings increases the risk of users invoking irreversible or financially meaningful actions without understanding the consequences.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill documentation explicitly instructs users to supply sensitive credentials such as `CIRCLE_API_KEY` and `CIRCLE_ENTITY_SECRET` for a real wallet, but provides no warning about secure storage, least-privilege handling, or the financial consequences of using live wallet capabilities. In an agent ecosystem, this omission is risky because users may paste production secrets into poorly isolated environments, enabling unauthorized wallet access or fund movement if the agent or surrounding tooling is compromised.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal