ClawHub

LLM Wallet - x402 stabelcoin payments on Polygon

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed crypto wallet and micropayment skill with real-money potential, but its sensitive behavior is aligned with its stated purpose and guarded by approval, limits, testnet defaults, and logging.

Install only if you are comfortable giving an agent wallet and payment capabilities. Start on Polygon Amoy testnet, set low per-transaction and daily limits, review every payment request for the exact URL and amount, and do not use or paste production private keys in chat or command history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The README states the agent will 'automatically' detect paid APIs, check costs, and execute payments after asking for approval, but it does not define strong boundaries on what APIs are eligible, how approval is bound to a specific request, or whether redirects/tool substitution are prevented. In a wallet-bearing agent, vague automation language can normalize unsafe payment behavior and enable unauthorized or unintended external transactions if approval semantics are weak.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents wallet import via a raw private key but does not warn that private keys are extremely sensitive secrets that must never be exposed in prompts, logs, shell history, or shared terminals. In an agent setting, this omission is dangerous because users may paste live wallet credentials directly into a command flow, leading to irreversible asset theft if the key is captured.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal