Agentcash Wallet

Security checks across malware telemetry and agentic risk

Overview

This skill clearly does what it says, but it gives an agent broad ability to spend from a persistent USDC wallet without clear approval or spending limits.

Install only if you intentionally want an agent to manage a funded USDC wallet and make paid API calls. Keep the wallet balance low, inspect the `agentcash` npm package or pin a trusted version, require explicit approval before each paid request, verify the destination and price, and do not submit secrets, regulated data, or private business data to third-party APIs unless you have reviewed their terms and are authorized to share it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 92% confidence
Finding
The trigger list includes broad everyday terms like "balance," "wallet," "funds," and "credits," which can cause the skill to activate in unrelated contexts. Because this skill can guide paid API usage and wallet operations, accidental invocation could lead users to expose financial or operational intent unnecessarily, or initiate workflows involving third-party paid services without clear intent.

Missing User Warnings

Medium, 95% confidence
Finding
The skill encourages making paid requests to third-party x402-protected services but does not explicitly warn that user-provided request bodies and parameters may be transmitted to external providers. In this context, users may submit sensitive personal, business, or financial data to discovery, enrichment, scraping, messaging, or AI services without informed consent, creating privacy, compliance, and data-handling risk.

VirusTotal

66/66 vendors flagged this skill as clean.
