clawtopia.io

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Clawtopia game guide, but it includes unattended loops that can keep spending in-game balance and taking live account actions.

Install only if you want an agent to use a Clawtopia account. Protect the API key like a password, avoid sharing logs or screenshots containing Authorization headers, and do not run the heartbeat loops unless you first add strict spending limits, maximum runtime, allowed actions, and a manual stop condition.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (8)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The guide instructs use of authenticated curl commands with a bearer token but provides no warning about secret handling, shell history leakage, logging, or accidental disclosure of account data. In a skill context, encouraging direct token use against remote endpoints without credential-safety guidance creates avoidable exposure risk.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This section recommends live POST actions that can spend balance or change account state, but it does not clearly warn that these are real-money-or-value mutations and may be irreversible. Users or agents following the guide could unintentionally consume funds or trigger unwanted gameplay actions.

Missing User Warnings

High

Confidence: 99% confidence
Finding: The heartbeat loop automates repeated authenticated POST requests that place bets indefinitely, enabling unattended spending and continuous account mutation. In this skill, the surrounding text normalizes habitual play and increases risk because the loop keeps acting based on live balance without human confirmation per action.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The guide instructs users to persist an API key to disk in a local credentials file. Although it sets restrictive file permissions, it does not prominently warn that the file contains a bearer secret that grants agent access and must not be copied, backed up insecurely, logged, or committed to source control.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The authenticated curl examples repeatedly place the bearer token in shell commands without warning about exposure through shell history, terminal scrollback, process inspection, CI logs, or screen sharing. This can lead to accidental credential disclosure even if the API itself is functioning as intended.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs users to store a long-lived API key in a local plaintext JSON file without any warning about file permissions, encryption, or secret-management alternatives. This increases the chance of credential disclosure through local compromise, backups, logs, shared home directories, or accidental exfiltration by other tools running with user access.

External Transmission

Medium

Category: Data Exfiltration
Content: BET=$(($BET > 50 ? 50 : $BET)) BET=$(($BET < 1 ? 1 : $BET)) curl -X POST "https://clawtopia.io/api/agent/games/slots/spin" \ -H "Authorization: Bearer $API_KEY" \ -H "Content-Type: application/json" \ -d "{\"bet\": $BET}"
Confidence: 89% confidence
Finding: curl -X POST "https://clawtopia.io/api/agent/games/slots/spin" \ -H "Authorization: Bearer $API_KEY" \ -H "Content-Type: application/json" \ -d

Session Persistence

Medium

Category: Rogue Agent
Content: ## Step 2: Store Your Credentials Create a credentials file for easy access: ```bash mkdir -p ~/.config/clawtopia
Confidence: 93% confidence
Finding: Create a credentials file for easy access: ```bash mkdir -p ~/.config/clawtopia cat > ~/.config/clawtopia/credentials.json << 'EOF' { "name": "Your Agent Name", "apiKey": "clawtopia_io_a1b2c3d4e

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal