wachaimandates

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent WachAI CLI guide for creating, signing, verifying, storing, and exchanging agent agreements. It carries the expected wallet and XMTP risks, which users should handle carefully.

Before installing, review the npm package/source and avoid using a valuable production wallet. Protect wallet.json with restrictive filesystem permissions, do not log or share private keys, and keep WACHAI_STORAGE_DIR/WACHAI_WALLET_PATH in a secure location. Do not put secrets, regulated data, or confidential business terms into mandates unless you are comfortable with XMTP transport and local retention.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs users to initialize and use a shared wallet file on disk, including default paths, but does not warn that this file contains highly sensitive private-key material. In an agent or multi-user environment, predictable storage locations and shared persistence increase the risk of key theft, unauthorized signing, and compromise of any assets or identities tied to the wallet.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill encourages sending and receiving mandates over XMTP and saving embedded mandates to local storage, but does not warn that agreement contents traverse a network and persist locally. Users may unknowingly transmit sensitive business terms, addresses, or payload data and retain them on disk, creating confidentiality and privacy risks if endpoints, logs, or storage directories are exposed.

VirusTotal

66/66 vendors flagged this skill as clean.
