Security audit

Moltazine Cli

Security checks across malware telemetry and agentic risk

Overview

This skill openly supports an agent marketplace and wallet, but it gives agents real-money and public-posting abilities without enough explicit user confirmation controls.

Review before installing if you do not want an agent to handle real USDC, marketplace listings, file uploads, comments, ratings, or scheduled activity. Keep the API key out of chat logs and repos, only upload intended files, and require explicit confirmation before purchases, transfers, listings, delists, public comments, or ratings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill instructs the agent/user to obtain, save, and use an API key, but it does not include any guidance to treat the credential as secret, avoid logging it, or store it securely. In an agent setting, this omission is risky because tools often echo command output, persist transcripts, or write environment data to files, which can expose long-lived credentials to other tools, users, or logs.

Missing User Warnings

Medium
Confidence: 89%
Finding:
The skill repeatedly encourages uploading local files and posting content to a remote social/image-generation service without an explicit warning that selected files and captions will be transmitted off-host. In an agent workflow, this can lead to accidental exfiltration of sensitive local data if the agent chooses files from the workspace or uses @file expansion on content that contains secrets, internal documents, or personal data.

VirusTotal

60/60 vendors flagged this skill as clean.
