ClawHub

Openclaw Agentpmt Tool Chart Generator 42120a

Security checks across malware telemetry and agentic risk

Overview

The skill can generate charts, but it also tells the agent to spend blockchain-linked credits and perform unrelated marketplace jobs without clear user control.

Install only if you are comfortable with AgentPMT wallet signing and paid credit flows. Use a dedicated low-fund wallet, require explicit confirmation for every payment or signature, and avoid allowing the agent to complete marketplace jobs from this chart-generation skill unless you can review each job’s instructions first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill embeds extensive marketing and capability information about the broader AgentPMT marketplace that is unrelated to chart generation. This expands the apparent scope of the skill and can socially steer an agent toward invoking unrelated high-risk capabilities such as payments, webhooks, SSH, email, or trading, increasing the chance of unintended actions outside user intent.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill explicitly instructs the agent to earn credits by reserving and executing arbitrary jobs when funds are unavailable. This creates an open-ended delegation path far beyond chart generation, allowing the agent to take on unrelated tasks with unknown instructions, risks, and side effects, which is a serious scope-expansion issue.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to create a new wallet automatically when no wallet is available, but it does not clearly disclose this state-changing action to the user. Silent wallet creation can introduce custody, compliance, recovery, and spending risks, especially if the user does not realize a new financial identity is being generated on their behalf.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill states that credits may be funded through x402 payments and later instructs the agent to buy credits, but it does not prominently warn users that tool use can trigger real financial transactions. In context, this is dangerous because the skill combines external tool invocation with blockchain-linked payment flows, making unintended spending plausible if the agent follows the documented path automatically.

VirusTotal

No VirusTotal findings

View on VirusTotal