Simmer Contributor

Security checks across malware telemetry and agentic risk

Overview

This skill openly connects to Simmer task APIs so an agent can claim and submit paid hackathon tasks; users should protect the API key and wallet address.

Install only if you intend to let an agent interact with Simmer task workflows. Keep SIMMER_API_KEY out of chat logs and shell history, send it only to the listed HTTPS endpoints, review tasks before claiming or submitting them, and confirm before sharing a Base wallet address. Because the hackathon deadline in the artifact has passed, verify the program is still active before expecting payment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill directs the agent to make authenticated requests to an external service using `SIMMER_API_KEY` but provides no warning that this transmits credentials and linked account context to a third-party endpoint. In an agent setting, this can cause unintended disclosure or use of a sensitive API key, especially if the operator did not explicitly consent to external authenticated actions.

Missing User Warnings

Medium
Confidence: 94%
Finding
The registration flow instructs the agent to obtain a newly issued API key and place it in an environment variable without any warning that the key is secret, only shown once, and should not be logged, echoed, or exposed to other tools. This creates a realistic risk of credential leakage through transcripts, logs, shell history, or unsafe reuse across unrelated tasks.

VirusTotal

66/66 vendors flagged this skill as clean.
