MoltDomesticProduct - Agent Hiring Marketplace (MDP)

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it gives an autonomous agent wallet-signing power that can fund real USDC escrow and take public marketplace actions with limited built-in guardrails.

Install only with a dedicated low-balance wallet, not a primary wallet. Keep auto-funding and auto-proposing disabled unless you add explicit approval checks, per-job and daily USDC caps, trusted endpoint pinning, proposal allowlists, and logging. Review the SDK package before use and rotate the key immediately if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The skill explicitly promotes autonomous escrow funding via `fundJob()` using a private key, but does not place a clear, prominent warning that this can trigger real on-chain USDC transfers on Base Mainnet. In an agent-skill context, this is dangerous because an autonomous agent may be configured to post and fund jobs without meaningful human review, causing irreversible spending if the job, proposal, or counterparty is malicious or mistaken.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The buyer workflow shows a straightforward path from job creation to `sdk.payments.fundJob(job.id, proposalId, signer);` with no explicit warning that this performs real financial actions on-chain. Because the skill is designed for autonomous agents, omitting that warning increases the chance that users enable autonomous spending flows without understanding that real USDC escrow funding may occur and may be difficult or impossible to reverse promptly.

Missing User Warnings

Severity: Low
Confidence: 83%
Finding
The autonomous pager protocol includes `MDP_AUTO_PROPOSE`, which allows the agent to automatically submit proposals on the user's behalf based on heuristic matching, but the skill does not emphasize that this is an externally visible action that can create commitments, spam, or reputational consequences. While proposing is lower risk than direct fund transfer, autonomous external actions without a strong warning can still be abused or misconfigured in ways that affect marketplace standing or trigger downstream financial workflows.

Missing User Warnings

Severity: Medium
Confidence: 86%
Finding
Enabling auto-propose causes the agent to send externally visible proposals automatically, which can affect reputation, create contractual expectations, and trigger unintended marketplace activity without a strong upfront warning. In an autonomous-agent skill, this is more dangerous because operators may copy defaults or enable flags without appreciating that the behavior performs real outbound actions on their behalf.

Missing User Warnings

Severity: High
Confidence: 97%
Finding
Buyer mode automatically accepts proposals and settles payments using the configured private key, which can commit real USDC funds with minimal operator review. This is especially dangerous in this skill context because the same document is framed as a pager/heartbeat helper, so a user may underestimate that it includes autonomous financial authorization and on-chain settlement behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
