Agent Wallet

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about being an agent crypto wallet, but it can let an agent move funds and call arbitrary smart contracts with permissive defaults.

Review carefully before installing. Use testnets or very small balances first, claim the wallet immediately, set strict address/token/function allowlists and spending limits, require human approval for transactions, and treat the API key like a financial credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium, 94% confidence
Finding
This skill documents transfer, swap, and arbitrary transaction capabilities that can directly move funds or invoke smart contracts, but it does not place a prominent safety warning immediately around those examples explaining that these are irreversible on-chain actions. In an agent context, normalizing these operations as routine API calls increases the risk that users enable autonomous fund movement without appreciating the financial consequences of mistakes, prompt injection, or misuse.

Missing User Warnings

High, 99% confidence
Finding
The statement that all actions are allowed by default if no policies are set creates an unsafe default for an agent wallet that can transfer assets, swap tokens, and send arbitrary calldata. In practice, an unclaimed or unconfigured wallet could permit unrestricted agent-controlled transactions, making prompt injection, agent error, or abuse far more dangerous before any owner safeguards are applied.

VirusTotal

66/66 vendors flagged this skill as clean.
