Agnic

Security checks across malware telemetry and agentic risk

Overview

This skill appears to combine wallet, trading, email, identity, AI-chat, and image-generation powers without enough scoping or safety controls for high-impact actions.

Review carefully before installing. Use only with low-value or test wallets, require explicit confirmation before any payment, trade, transfer, or email, and avoid sending private identity, wallet, or email contents through the AI gateway unless you trust the provider and understand the data flow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill is presented as a wallet, payments, trading, email, and identity tool, but it also exposes a broad AI gateway and image generation capability that materially expands what the agent can do. This scope creep weakens least-privilege boundaries and can let callers use an ostensibly finance-focused skill for unrelated networked inference, prompt relay, and file creation actions that were not justified or clearly disclosed in the manifest purpose.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
General-purpose AI chat and image generation are not necessary for the stated financial and identity workflows, yet they provide an open-ended execution surface through external model providers and local file output. In an agent setting, this can enable unintended data exfiltration to third-party AI services, arbitrary prompt forwarding, and creation of local artifacts beyond the user’s expected wallet/email operations.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill enables high-risk actions including payments, token trades, token transfers, email sending, and image file creation, but it does not include explicit safety guidance or confirmation requirements about spending funds, sending external communications, or modifying the local filesystem. In context, this is especially dangerous because the skill combines financial authority, communications capability, and network access, increasing the chance of accidental loss, phishing amplification, or unintended disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.
