CTF Malware

Security checks across malware telemetry and agentic risk

Overview

This is a coherent CTF malware-analysis guide, but it needs Review because it includes live use of recovered Telegram bot tokens and file downloads without clear authorization or containment guidance.

Install only for authorized CTF, lab, or incident-response work. Do not let an agent run samples or use recovered bot tokens on a normal workstation or production network; require explicit approval, use an isolated VM or sandbox with controlled egress, and treat tokens and any retrieved files as sensitive evidence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill provides package installation commands and dynamic analysis commands that execute untrusted samples (`strace ./suspicious`, `ltrace ./suspicious`) without an explicit, prominent warning to use an isolated sandbox or disposable VM. In a filesystem-capable agent context with bash and internet access, this increases the chance an operator or agent runs potentially malicious binaries on a real host or installs tooling into a sensitive environment.

Missing User Warnings

Medium
Confidence: 97%
Finding
The guidance to use recovered Telegram bot tokens against `getUpdates` and `getFile` APIs instructs interaction with a live third-party service using credentials extracted from malware, but it omits authorization, privacy, and legal warnings. This can lead to unauthorized access to attacker-controlled or victim-related communications and may expose sensitive data or trigger unintended operational effects.

Missing User Warnings

Medium
Confidence: 87%
Finding
This section provides executable instructions and code to contact Telegram's API using a recovered bot token and retrieve message history and files, but it omits guardrails about authorization, evidence handling, or avoiding live interaction with third-party infrastructure. In a malware-analysis skill, that creates real risk of encouraging analysts to access external services and collect potentially sensitive exfiltrated data without legal or operational controls.

External Transmission

Medium
Category: Data Exfiltration
Content
```python
TOKEN = "bot_token_here"
# Get updates (message history)
r = requests.get(f"https://api.telegram.org/bot{TOKEN}/getUpdates")
# Download files sent to bot
file_id = "..."
r = requests.get(f"https://api.telegram.org/bot{TOKEN}/getFile?file_id={file_id}")
```
Confidence: 91%
Finding
https://api.telegram.org/

External Transmission

Medium
Category: Data Exfiltration
Content
```python
r = requests.get(f"https://api.telegram.org/bot{TOKEN}/getUpdates")
# Download files sent to bot
file_id = "..."
r = requests.get(f"https://api.telegram.org/bot{TOKEN}/getFile?file_id={file_id}")
file_path = r.json()['result']['file_path']
requests.get(f"https://api.telegram.org/file/bot{TOKEN}/{file_path}")
```
Confidence: 91%
Finding
https://api.telegram.org/

External Transmission

Medium
Category: Data Exfiltration
Content
```python
file_id = "..."
r = requests.get(f"https://api.telegram.org/bot{TOKEN}/getFile?file_id={file_id}")
file_path = r.json()['result']['file_path']
requests.get(f"https://api.telegram.org/file/bot{TOKEN}/{file_path}")
```
Confidence: 92%
Finding
https://api.telegram.org/

VirusTotal

64/64 vendors flagged this skill as clean.
