Openclaw Agentpmt Tool Complex Math Tool D00c32

Security checks across malware telemetry and agentic risk

Overview

This math skill also gives the agent broad wallet, payment, and third-party job-execution instructions that need human review before use.

Only install this if you intend to let an agent interact with AgentPMT using a wallet and credits. Use a dedicated low-balance wallet, require explicit approval before every signature, purchase, or job action, and do not allow the agent to execute returned private job instructions automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium (95% confidence)
Finding
The skill includes extensive unrelated AgentPMT platform marketing and capability descriptions far beyond a simple math tool. This broadens the apparent operational scope and can prime an agent to invoke unrelated high-risk capabilities, increasing the chance of scope confusion or unsafe tool chaining.

Context-Inappropriate Capability

High (98% confidence)
Finding
The skill instructs the agent to create wallets, purchase credits, or earn credits through jobs as part of using a math API. Those actions introduce financial operations and arbitrary external task execution that are not necessary for a basic math function, creating a path to unauthorized spending or unintended work on third-party jobs.

Context-Inappropriate Capability

High (99% confidence)
Finding
The documented jobs workflow authorizes reserving, executing, and completing external jobs unrelated to the math tool. This materially expands the skill from math computation into arbitrary remote work execution, which could expose the agent to prompt injection, data exfiltration, or unauthorized actions under the guise of earning credits.

Missing User Warnings

Medium (96% confidence)
Finding
The skill describes wallet creation and signed payment flows without any user-facing consent, spending disclosure, or warning that financial actions may occur. In context, this is dangerous because the advertised capability is a low-risk math tool, so users and orchestrators may not expect blockchain wallet creation or payment activity.

Missing User Warnings

Medium (93% confidence)
Finding
The skill tells the agent to send wallet addresses, session nonces, signatures, and potentially job-related data to external endpoints without any privacy notice or data handling boundaries. Even if private keys are not transmitted, these identifiers and signed requests are sensitive operational metadata and should not be shared silently.

VirusTotal

No VirusTotal findings
