ClawHub

Cross-Validate

Security checks across malware telemetry and agentic risk

Overview

The skill claims to provide free rigorous fact-checking, but its bundled service code returns canned “verified” results and other files describe paid requests with inconsistent pricing.

Do not install this skill as-is. Its public instructions, payment documentation, endpoint metadata, and implementation do not match, and the included verifier appears to fabricate confidence and sources rather than performing real fact-checking.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI09: Human-Agent Trust Exploitation
High
What this means

A user could receive a confident-looking fact-check result that is not based on real verification.

Why it was flagged

The implementation returns a hard-coded confidence increase, fixed CI, “verified: true,” and placeholder sources rather than actually cross-checking public sources as described.

Skill content
score: Math.min(95, (data.baseline?.score || 50) + 20),
ci: { lower: 85, upper: 95 },
verified: true,
sources: ['cross-ref-1', 'cross-ref-2', 'cross-ref-3']
Recommendation

Do not rely on this skill unless the implementation is replaced with transparent source retrieval, real citations, and an honest confidence calculation.

#
ASI03: Identity and Privilege Abuse
High
What this means

The agent may be led toward paid verification requests under unclear pricing and authorization expectations.

Why it was flagged

The README describes a paid x402/USDC request flow, while SKILL.md says “No payment required” and the registry requirements declare no credentials or env vars.

Skill content
## Payment
- Price: $0.05 USDC
- Header: `x402-payment: true`
- Without payment: Returns 402 Payment Required
Recommendation

Require explicit per-use user approval for any paid request, declare the purchase capability clearly, and make the price consistent across all artifacts.

#
ASI04: Agentic Supply Chain Vulnerabilities
Medium
What this means

A user cannot tell which service will process claims or payments, or whether the reviewed code matches the deployed endpoint.

Why it was flagged

The skill.yaml points to a different remote endpoint and price than the README/Netlify function, creating an unreviewed-service and provenance mismatch.

Skill content
endpoint: https://cross-validate-verify.cvapi.workers.dev
price_usd: 0.30
Recommendation

Use one clearly documented, reviewed endpoint and align SKILL.md, README, metadata, pricing, and source code before publishing.