ClawHub
Back to skill

Security audit

Chart Splat (x402)

Security checks across malware telemetry and agentic risk

Overview

This charting skill is openly for paid x402 chart generation, but it needs review because it can use a raw wallet private key through an unpinned npm CLI to spend real USDC without clear per-request confirmation rules.

Install only if you intentionally want wallet-funded pay-per-chart behavior. Use a fresh low-balance wallet, avoid main wallets, prefer environment-based secret handling, review or pin the npm CLI before exposing the key, and confirm each paid request before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The skill description includes broad trigger phrases like mentions of an EVM wallet, x402, USDC, micropayment, or pay-per-call, which could cause the agent to invoke this skill in contexts where the user did not clearly intend to authorize wallet-based spending. Because the skill performs paid network actions, accidental invocation can lead to unintended external requests and micropayment charges.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs use of a raw private key via X402_PRIVATE_KEY and enables networked payment-backed chart generation, but it does not prominently require user confirmation or warn about the sensitivity of the credential and the privacy/financial implications of sending chart data to a third-party API. This creates risk of secret mishandling, unintended spending, and external disclosure of user-provided chart data.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal