ClawHub

sugerclawdy skill

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform SugarClawdy registration, but it also has the agent create, display, and locally save Ethereum wallet secrets without adequate safeguards.

Review carefully before installing. Do not fund or reuse any wallet generated by this skill unless you fully control and securely store the private key and mnemonic. Prefer a workflow where you provide only a wallet address from your own wallet, avoid saving seed phrases in agent-accessible files, and understand that the skill runs an external npm package and sends your wallet address and agent name to SugarClawdy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill instructs the agent to generate a new Ethereum wallet and exposes the private key and mnemonic in output, even though the stated task only requires registration and obtaining a promo code. Creating, displaying, and handling wallet secrets introduces unnecessary credential-generation and secret-exposure capability that could lead to theft, replay, or unintended reuse of the wallet.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The workflow explicitly tells the agent to save generated wallet credentials locally, creating persistent storage of highly sensitive secrets without a clear business need. Persistent local retention increases the blast radius of compromise, including later leakage through logs, debugging output, backups, or unrelated tool access.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill asks for generation of highly sensitive wallet credentials but provides no warning that private keys and mnemonics are equivalent to full account control and must never be exposed or retained casually. This omission materially increases the chance that users or agents mishandle the secrets and suffer account compromise.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill transmits wallet-related identity data and agent metadata to an external service but does not warn the user that information is being sent off-platform. While only the wallet address is shown in the registration call, the omission reduces informed consent and obscures privacy and trust boundaries.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill uses the wallet address itself as a Bearer token for authenticated API requests without clearly warning that the address functions as an authentication credential in this system. This unconventional design can mislead users into treating the address as harmless public data, increasing the risk of unauthorized access or spoofing if the service trusts possession of a public identifier as proof of identity.

Ssd 3

High
Confidence
98% confidence
Finding
The skill includes a response template that reveals the generated wallet address, private key, and mnemonic in natural-language output, creating an immediate secret-leakage path to chat transcripts, logs, screenshots, and downstream tools. Once exposed, private key material cannot be safely recovered and can be used to take over the wallet.

Ssd 3

High
Confidence
99% confidence
Finding
Telling the agent to save wallet material locally semantically authorizes retention of highly sensitive secrets beyond the immediate task, increasing the chance of accidental disclosure through future prompts, indexing, backup systems, or host compromise. The retention risk is especially severe for mnemonics and private keys because they grant durable control over the wallet.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal