ClawHub

Web3 Daily

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Web3 news digest that makes a bounded HTTPS request to a backend service and shows no hidden code, credential access, local file access, or persistence.

Install this only if you are comfortable with your agent contacting the J4Y backend for crypto market commentary. Avoid including sensitive personal, wallet, or account information in prompts that invoke it, and treat the digest as third-party market research rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Low
Confidence
89% confidence
Finding
The README states that the agent will call the provider's backend and emphasizes that no personal data is required, but it does not clearly disclose that user prompts or request metadata may still be transmitted off-device to a third-party service. This can mislead users into assuming the skill is effectively local or privacy-neutral, which is a transparency and consent problem even if the data sent is limited.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list includes broad, natural-language phrases such as 'crypto news' and 'What's happening in crypto today', which can cause the skill to activate in routine conversation without clear user intent to invoke an external networked tool. Because the skill makes live backend requests, overbroad activation increases the chance of unintended external calls and unsolicited third-party content delivery.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
Defaulting to Chinese when the user's language preference is unclear can cause the skill to fetch and return content the user did not request. This is primarily a consent and UX issue, but it also means the skill may contact the external service with assumptions about user preferences rather than obtaining explicit confirmation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal