ClawHub

Bountyswarm

Security checks across malware telemetry and agentic risk

Overview

BountySwarm appears to be a coherent bounty-platform client, but it can trigger USDC escrow, payout, and delegation actions without enough documented guardrails for financial risk or data exposure.

Review before installing. Use only a backend you trust, confirm whether it uses testnet or real USDC, and verify every reward amount, winner address, sub-agent address, deadline, and fee percentage before running state-changing commands. Do not put secrets, private keys, internal documents, or confidential deliverables in metadataURI, resultURI, or subtaskURI unless they are safe to expose to the backend and potentially public storage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes commands that create bounties, lock rewards in escrow, and release USDC, but it does not clearly warn users that these actions may move or lock real funds. In an agent setting, this omission can cause operators to invoke financially sensitive commands without understanding that they affect live assets, increasing the risk of unintended transfers or locked funds.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The manifest exposes commands for creating USDC-funded escrows and submitting result metadata to external URIs, but it provides no warning that using these commands can commit funds on-chain or disclose task/result data to third-party services such as IPFS or arbitrary URLs. In a financial skill, omission of these warnings increases the risk of unintended fund loss, irreversible transactions, and privacy-sensitive data leakage.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The subcontract feature allows sharing bounty details with another agent via an external URI and defining a fee split, but the manifest does not warn that this may disclose confidential task information or create financial obligations with another party. Because this skill is explicitly designed for decentralized bounty delegation, missing disclosure and consent language makes accidental oversharing and misconfigured compensation more likely.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal