Security audit

ZKGov

Security checks across malware telemetry and agentic risk

Overview

ZKGov is a disclosed HashKey Chain testnet governance helper with sensitive wallet and transaction behavior that matches its stated purpose.

Install only if you trust the external @zkgov packages and intend to use HashKey Chain testnet governance. Treat registration, proposal creation, voting, and finalization as explicit user-approved actions, use testnet-only keys, and protect ~/.zkgov/config.json and any ZKGOV_PRIVATE_KEY value.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger text is overly expansive, including broad phrases like 'anything related to on-chain voting with privacy,' which can cause the agent to invoke this skill in situations the user did not clearly intend. Because the skill includes wallet-backed write operations, over-triggering increases the chance of unnecessary wallet inspection, registration, proposal creation, or voting flows being surfaced or attempted inappropriately.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill states that a wallet is auto-generated on the first write operation and can also be overridden by a private key environment variable, but it does not require an explicit user warning or consent before reaching private-key-backed behavior. In an agent setting, this is dangerous because users may not realize that invoking a governance action can create persistent credentials and initiate blockchain transactions with lasting effects.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.