x402 Agentic Creation

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for API monetization, but it exposes live USDC withdrawal authority without clear built-in confirmation or limits.

Review before installing in autonomous environments. Use this only with host-enforced approvals for withdrawals, wallet/session limits, destination and network verification, secure storage for private keys and management tokens, and audit logging for provisioning and payout actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill declares networked, wallet-adjacent functionality and explicitly relies on host-injected credentials and outbound API calls, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host or reviewer may underestimate that the skill can trigger external provisioning, earnings lookups, and withdrawal actions against a third-party service.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly documents a `withdraw_funds` capability that moves USDC but does not clearly require a human confirmation step, policy gate, or other explicit authorization before payout. In an agent-skill context, documenting fund-moving operations as routine actions increases the risk that integrators expose withdrawal functionality to autonomous agents without adequate approval controls, which could lead to unintended or prompt-induced transfers.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill advertises 'daily automated withdrawals' without any mention of user approval, confirmation, destination verification, or configurable limits. In a financial skill handling USDC payouts, silent or automatic withdrawal behavior increases the chance of unauthorized fund movement, mistaken transfers, or abuse if the skill is invoked unexpectedly.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The activation section describes provisioning monetized endpoints and withdrawing funds, but provides no user-facing warning that these are external, financially consequential operations on live networks. This omission makes accidental invocation more dangerous because users may not realize the actions can expose services publicly or move real assets.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill exposes a tool that executes a withdrawal of earned USDC to the agent's wallet, but the description provides no explicit warning that this action moves funds and may be irreversible. In an agent setting, weak or non-obvious disclosure around money movement increases the risk of unintended or socially engineered withdrawals, especially if the user assumes the call is only informational or administrative.

VirusTotal

66/66 vendors flagged this skill as clean.
