Deploy Spark Bitcoin L2 Proxy

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for deploying a Bitcoin payment proxy, but it asks the agent to handle wallet and provider secrets while deploying unpinned remote code.

Install only if you are prepared to audit and operate a Bitcoin wallet proxy. Use a fresh low-balance wallet, set low spending caps, keep admin tokens private, avoid pasting real mnemonics or provider tokens into chat, prefer provider dashboards or local secret tooling for secret entry, and pin/review the external GitHub repository before deploying.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly asks the user to provide extremely sensitive material, including a wallet mnemonic and service credentials, but does not warn against sharing them with the agent or recommend safer handling paths. In this context, the mnemonic controls funds and the API credentials can provision infrastructure, so collecting them through an agent materially increases the risk of credential exposure, logging leakage, or misuse.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill provides examples that place highly sensitive secrets, including the wallet mnemonic and Vercel bearer token, directly into curl command bodies for transmission to external APIs without any warning about secret handling risks. Even if the destination service is legitimate, embedding secrets in commands shown to or constructed by an agent can expose them through chat history, shell history, logs, screenshots, or telemetry.

External Transmission

Medium
Category
Data Exfiltration
Content
Otherwise, create a database via the Upstash API. The user needs their Upstash email and API key from https://console.upstash.com/account/api:

```bash
curl -X POST "https://api.upstash.com/v2/redis/database" \
  -u "UPSTASH_EMAIL:UPSTASH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "sparkbtcbot-proxy", "region": "global", "primary_region": "us-east-1"}'
```
Confidence
86% confidence
Finding
curl -X POST "https://api.upstash.com/v2/redis/database" \ -u "UPSTASH_EMAIL:UPSTASH_API_KEY" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
**Important:** Do NOT use `vercel env add` with heredoc/`<<<` input — it appends newlines that break the Spark SDK. Either use the Vercel dashboard or the REST API:

```bash
curl -X POST "https://api.vercel.com/v10/projects/<PROJECT_ID>/env?teamId=<TEAM_ID>" \
  -H "Authorization: Bearer <VERCEL_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{"type":"encrypted","key":"SPARK_MNEMONIC","value":"your mnemonic here","target":["production","preview","development"]}'
```
Confidence
95% confidence
Finding
curl -X POST "https://api.vercel.com/v10/projects/<PROJECT_ID>/env?teamId=<TEAM_ID>" \ -H "Authorization: Bearer <VERCEL_TOKEN>" \ -H "Content-Type: application/json" \ -d '{"type":"encrypted","

External Transmission

Medium
Category
Data Exfiltration
Content
Otherwise, create a database via the Upstash API. The user needs their Upstash email and API key from https://console.upstash.com/account/api:

```bash
curl -X POST "https://api.upstash.com/v2/redis/database" \
  -u "UPSTASH_EMAIL:UPSTASH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "sparkbtcbot-proxy", "region": "global", "primary_region": "us-east-1"}'
```
Confidence
86% confidence
Finding
https://api.upstash.com/

External Transmission

Medium
Category
Data Exfiltration
Content
**Important:** Do NOT use `vercel env add` with heredoc/`<<<` input — it appends newlines that break the Spark SDK. Either use the Vercel dashboard or the REST API:

```bash
curl -X POST "https://api.vercel.com/v10/projects/<PROJECT_ID>/env?teamId=<TEAM_ID>" \
  -H "Authorization: Bearer <VERCEL_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{"type":"encrypted","key":"SPARK_MNEMONIC","value":"your mnemonic here","target":["production","preview","development"]}'
```
Confidence
95% confidence
Finding
https://api.vercel.com/

VirusTotal

64/64 vendors flagged this skill as clean.
