crypto daily report

Security checks across malware telemetry and agentic risk

Overview

This skill is built for crypto daily reports, but it can silently post to a fixed Telegram destination and read a local API token with broad triggers.

Install only if you specifically want this skill to publish crypto reports to the listed Telegram chat/thread. Before using it, verify that destination, narrow the trigger phrases, require a preview or confirmation before sending, and replace direct `~/.openclaw/.env` token reads with an explicit scoped secret.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill reads a local credential file (`~/.openclaw/.env`) to extract an API token at runtime. Accessing local secrets from a general-purpose skill expands the trust boundary, risks accidental credential exposure or misuse, and is especially sensitive because the token is then used for outbound requests to a third-party service.

Vague Triggers

Medium
Confidence: 85%
Finding
The trigger phrase `日报` is broad and likely to match benign user requests that are unrelated to this specific Telegram-posting workflow. Because the skill also performs silent external posting, overly broad activation materially raises the risk of unintended execution and unapproved outbound actions.

Missing User Warnings

High
Confidence: 98%
Finding
The skill explicitly requires silent execution and posting three messages to a Telegram topic while returning only `NO_REPLY` to the user. Hidden external actions without notice or confirmation are dangerous because they remove user awareness, prevent interception of mistakes, and could be abused to send content or leak data to external channels without meaningful consent.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger set does not define boundaries distinguishing crypto-news reporting from general report-generation requests, increasing the chance of incorrect invocation. In this skill, misrouting is more dangerous than a simple UX issue because execution may call external APIs and post content to a Telegram topic, amplifying the effects of a mistaken match.

Vague Triggers

Low
Confidence: 89%
Finding
The trigger set does not define boundaries distinguishing crypto-news reporting from general report-generation requests, increasing the chance of incorrect invocation. In this skill, misrouting is more dangerous than a simple UX issue because execution may call external APIs and post content to a Telegram topic, amplifying the effects of a mistaken match.

VirusTotal

66/66 vendors flagged this skill as clean.
