ClawHub

Crypto Content Crafter

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a simple crypto/NFT marketing copy generator, with no evidence of hidden execution, data access, persistence, or exfiltration.

Install only if you want help drafting crypto or NFT promotional content. Treat outputs as marketing drafts, not compliant financial copy: verify every utility, roadmap, governance, access, redemption, scarcity, and return-related claim before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill advertises a wide range of triggers such as NFT marketing copy, launch content, Twitter threads, and roadmap generation without clear guardrails on when it should activate or what kinds of crypto claims are disallowed. In an agent environment, this broad scope can cause over-invocation for loosely related prompts and increase the chance the skill is used to generate manipulative, misleading, or financially promotional content in high-risk crypto contexts.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The generated copy contains strong crypto/NFT promotional claims and inducements such as governance rights, early access, merchandise redemption, and calls to 'secure your spot' without any compliance, substantiation, or user-controlled safety guardrails. In the context of a skill specifically designed to mass-produce crypto marketing content, this can facilitate misleading financial promotion, regulatory noncompliance, or scam-like launch materials at scale.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal