nostr-dogechat

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real DogeChat/Nostr bridge, but it can post location-tagged public messages and stores a local signing key with limited disclosure and controls.

Review before installing. Only use this if you are comfortable with an agent posting public Nostr messages tied to a geohash. Before each send, confirm the exact message and use a coarse geohash when possible. Consider deleting ~/.openclaw/nostr-dogechat/identity.json after use if you do not want the generated posting identity retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The code generates a long-term Nostr secret key and writes it to disk in plaintext JSON under the user's home directory without setting restrictive permissions or notifying the user. Any local user, malware, backup system, or misconfigured file sharing that can read this file can impersonate the agent identity and publish messages as it.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The skill publishes message content to multiple external public relays, including the geohash tag and agent name, without any user-facing disclosure or confirmation. In an agent setting, this can exfiltrate user-provided or agent-derived data to third-party infrastructure and make it publicly observable, which is especially risky because Nostr messages are broadly replicated and difficult to retract.

VirusTotal

66/66 vendors flagged this skill as clean.