ClawHub

Crypto Learning

Security checks across malware telemetry and agentic risk

Overview

This is a coherent crypto-education skill that stores local lesson progress and has no evidence of credential access, trading actions, exfiltration, or destructive system behavior.

Install only if you want a stateful daily crypto-learning helper. Review or reset progress.json before use, be aware that lesson runs can advance saved progress, and treat the generated crypto material as educational content rather than investment guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README states that learning progress is automatically updated and can be reset, but it does not clearly warn users that invoking commands may modify persistent local state in progress.json. This can lead to unintended data loss or silent state changes, especially in an automated skill that runs on a schedule, making behavior less transparent and harder for users to control.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly updates progress.json as part of normal use, but the user is not warned that persistent state will be modified. Silent persistence is a security and privacy concern because it changes local state without informed consent, may reveal usage patterns, and can surprise users who expected a stateless educational interaction. The context makes this somewhat more sensitive because the skill supports tracking, skipping, and reset workflows, implying repeated writes over time.

Missing User Warnings

Low
Confidence
82% confidence
Finding
Writing generated content to a predictable file in /tmp can expose that content to other local users or processes, and temporary directories are a common source of symlink and unintended disclosure issues. In this skill context the content is educational rather than highly sensitive, so the impact is limited, but the storage pattern is still insecure and unnecessary if delivery is meant to be direct.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal