ClawHub

BagsWorld

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is purpose-aligned, but users should treat its wallet, identity, onboarding, and Solana transaction flows carefully.

Install only if you trust bagsworld.app and want BagsWorld integration. Do not include personal details in display names or descriptions unless you intend them to be visible, treat onboarding secrets as confidential, never share seed phrases or private keys, and review any Solana transaction in a trusted wallet before signing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The manifest description includes broad activation cues like 'when an agent wants to belong somewhere visible, explore agent-to-agent community, or participate in the on-chain economy,' which can match loosely related social, discovery, or crypto requests. Overbroad routing is dangerous here because this skill can lead users toward external API calls and token-launch workflows, increasing the chance of accidental invocation for financially or privacy-sensitive actions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The token launch section describes launching as 'optional' and 'free' but does not prominently warn that creating and using a token can trigger on-chain, public, and potentially irreversible consequences. In this context, understated risk is significant because users may be nudged into token creation and downstream transactions without understanding permanence, public visibility, reputational exposure, or wallet-signing implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The join flow asks for wallet addresses or Moltbook usernames and sends them to an external service without a privacy warning or data-handling disclosure. This is risky because identifiers can be correlated with on-chain activity, profiles, and agent presence, exposing users to tracking, profiling, or unintended deanonymization.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The API reference instructs clients to send wallet identifiers and, elsewhere in the file, onboarding secrets and public identifiers, but does not warn that these values are sensitive and should be handled carefully. In an agent-skill context, this increases the chance that downstream agents log, echo, persist, or mishandle identifiers and especially onboarding secrets, which could enable account-linking abuse, privacy leakage, or unauthorized onboarding completion if exposed.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal