CTF Crypto

Security checks across malware telemetry and agentic risk

Overview

This is a CTF crypto reference, but it includes turnkey exploit guidance that could be reused against real accounts or services without clear authorization limits.

Install only for authorized CTFs, labs, or defensive research. Do not let an agent run the included commands, scanners, request floods, token-forging steps, or exploit payloads against third-party services or accounts without explicit permission and scope.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
This section expands beyond PRNG/crypto challenge techniques into general password cracking tradecraft, including wordlists, rules, masks, and hashcat modes. In an agent skill, that materially increases dual-use abuse potential by enabling credential attacks unrelated to the stated PRNG scope, so the static finding is valid.

Missing User Warnings

Medium
Confidence: 95%
Finding
The file contains detailed, operational guidance for private-key recovery, nonce-reuse exploitation, invalid-curve attacks, and fault-injection techniques, but provides no authorization, legal, or safe-use boundaries. Even in a CTF context, this materially lowers the barrier to adapting the content to real systems, especially because the examples include directly reusable recovery formulas and code.

Missing User Warnings

Medium
Confidence: 90%
Finding
This section explicitly describes chaining a padding oracle with CBC bit-flipping to achieve command injection and RCE, including a concrete payload (`;$(cat *.txt)`) and code to forge the ciphertext. In a security skill focused on attack techniques, that materially lowers the barrier to weaponizing the content beyond education and crosses from general explanation into actionable exploitation guidance.

Missing User Warnings

Medium
Confidence: 97%
Finding
This section contains concrete offensive workflows and tool invocations for padding-oracle and Bleichenbacher-style exploitation against live services, with no authorization, lab-only, or safe-use constraints. Even though the skill is framed as CTF-focused, the guidance is directly transferable to real systems and materially lowers the barrier to misuse.

Missing User Warnings

High
Confidence: 98%
Finding
The content gives a concrete procedure for predicting password reset tokens by harvesting exposed random outputs, reconstructing MT state, and forging a reset URL. That is actionable account-takeover guidance against real services, and the CTF framing does not meaningfully constrain misuse because the technique directly maps to production systems that misuse Python's random module.

Missing User Warnings

Medium
Confidence: 90%
Finding
This passage instructs the reader to replay captured RSA-related outputs back to a server to exploit key reuse across rounds. Even though brief, it is still direct offensive guidance for abusing authentication/signature workflows and can facilitate unauthorized actions when similar implementation flaws exist outside a CTF.

Missing User Warnings

Medium
Confidence: 96%
Finding
This skill provides detailed, actionable offensive cryptographic exploitation guidance, including attack preconditions, code, and operational steps for recovering plaintexts, private keys, or forging signatures. Although framed as CTF material, the content maps directly to real-world weaknesses such as textbook RSA, oracle abuse, timing leaks, shared-prime failures, and signature verification flaws, and it contains no safety, authorization, or legal-use guardrails.

Missing User Warnings

Medium
Confidence: 98%
Finding
The file is a concentrated catalog of offensive cryptographic exploitation techniques, including proof forgery, signature key recovery, race-condition exploitation, verifier-oracle abuse, and toxic-waste extraction, with step-by-step guidance and code snippets. In a CTF context this may be educational, but the same content directly transfers to real systems and there are no warnings, authorization boundaries, or constraints that limit misuse, which increases dual-use risk.

VirusTotal

1/65 vendors flagged this skill as malicious, and 64/65 flagged it as clean.
