ClawHub

BitSkins

Security checks across malware telemetry and agentic risk

Overview

This BitSkins skill appears purpose-aligned, but it can perform real financial and account-security actions through a broad shell-based API helper, so it needs careful review before installation.

Install only if you intentionally want an agent to operate your BitSkins account. Use the narrowest API key BitSkins allows, keep it in the environment, and require explicit confirmation with exact endpoint, item, amount, destination, and account-security impact before any buy, sell, deposit, withdrawal, API-key, 2FA, trade-link, card, or account-status change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill instructs the agent to invoke a shell helper script (`bash bitskins-api/scripts/bitskins-api.sh ...`) but does not declare shell permissions. This creates a capability/permission mismatch that can bypass least-privilege expectations, and because the skill enables high-risk financial and account actions, undeclared shell execution is more dangerous than in a read-only skill.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference documents a destructive account action ('Block my account') without any user-facing warning, confirmation guidance, or explanation of consequences. In an agent skill that may translate user requests into API calls, this increases the risk of accidental account lockout or misuse because the action is high-impact and not clearly flagged as requiring extra caution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal