Atlas Argos Teste

Security checks across malware telemetry and agentic risk

Overview

This skill is instruction-only, but it asks an agent to autonomously operate a live crypto trading bot with broad system access, credential use, user/payment administration, public posting, and recurring external Telegram reporting.

Install only if this is your ARGOS machine and you are comfortable granting a supervised agent access to bot credentials, code, processes, payment/user records, and public posting accounts. Run it under a restricted user or project sandbox, require approval for code changes, restarts, user/payment changes, posts, package installs, and outbound reports, and redact or minimize user IDs, logs, revenue, and issue details before sending them to Telegram or external AI tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs storing payment records and user identifiers locally in JSON without any retention, access-control, minimization, or privacy guidance. This creates unnecessary exposure of personal and financial metadata if the host is compromised, misconfigured, or shared.

Missing User Warnings

High
Confidence: 96%
Finding
The skill mandates notifying Félix via Telegram about user activity, including new users and IDs, without consent boundaries or data-minimization controls. Forwarding identifiable user activity to an external messaging platform increases privacy risk and can expose operational intelligence if the account or chat is compromised.

Ssd 3

High
Confidence: 98%
Finding
This section requires broad reporting of operational events and user-related data to a third party over Telegram, using bot credentials sourced from the environment. In a high-privilege agent context, routine exfiltration of system state and identifiers materially increases the blast radius of any compromise and normalizes outbound data leakage.

Ssd 3

High
Confidence: 98%
Finding
The reporting script aggregates system health, user counts, issues, and local file contents, then sends them to Telegram. This is dangerous because it turns local operational and potentially sensitive state into externally transmitted chat content, creating a persistent exfiltration channel with little validation or redaction.

VirusTotal

65/65 vendors flagged this skill as clean.
