ClawHub

Apow Mining

Security checks across malware telemetry and agentic risk

Overview

This is a real crypto-mining guide, but it gives an agent broad control over wallet keys, fund movement, paid services, and local wallet discovery without tight approval boundaries.

Install only if you are comfortable using a fresh, low-balance hot wallet for experimental mining. Inspect and pin the apow-cli package before running it, avoid main wallets, avoid plaintext private-key storage when possible, and require explicit approval for any key export, bridge, swap, mint, mining loop, dashboard scan, or paid x402 operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
The manifest advertises a narrow purpose (setup/start mining), but the document instructs the agent to perform additional sensitive actions including key export, funding/bridging, wallet distribution, and wallet-file discovery. Capability mismatch matters because operators may approve the skill expecting limited behavior while the skill can access or influence funds and secrets far beyond that scope.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
Including private-key export in a skill whose stated purpose is simply to set up and start mining creates unnecessary credential-access functionality. Exporting and displaying a private key greatly increases the risk of theft through logs, terminal history, screenshots, or downstream agent handling, especially in autonomous/headless environments.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
Cross-chain bridge and swap instructions extend the skill from mining setup into active fund movement across networks and assets. That meaningfully raises financial risk because mistakes, phishing substitutions, or automation errors can lead to irreversible loss, and these operations are not necessary for the narrow task of describing how to start mining.

Context-Inappropriate Capability

Medium
Confidence
82% confidence
Finding
The dashboard and wallet-file scanning features go beyond mining setup and introduce local discovery of wallet artifacts on disk. In an agent setting, auto-scanning directories and ingesting wallet metadata can expose sensitive operational information and widen the blast radius if the skill is misused or the environment contains unrelated wallet files.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly tells the agent to place a raw private key into a plaintext `.env` file and notes that wallet generation may save a plaintext helper file. Storing high-value credentials in plaintext without a prominent warning or safer default invites accidental disclosure through file sync, backups, shell tooling, repo commits, and local compromise.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The wallet generation/export flow encourages creation of multiple plaintext copies of private keys and does so without a strong upfront warning about disk artifacts, shell history, and terminal exposure. In multi-wallet mining scenarios this multiplies the number of sensitive copies and therefore the chance of compromise.

Missing User Warnings

Low
Confidence
73% confidence
Finding
The dashboard scan feature searches for wallet files in the current directory and subdirectories without clearly warning that it may enumerate sensitive wallet artifacts. Even if it only collects addresses, the behavior normalizes searching for wallet material on disk and may reveal the existence and location of secret-bearing files.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal