ClawHub

MyCampfire

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Campfire prediction-market skill, but it gives an agent wallet/API-key handling and automated betting authority with some under-scoped safeguards.

Install only if you intend to let an agent operate a Campfire prediction-market account. Use an isolated wallet/account, keep unrelated funds out of it, store keys in a real secret manager or encrypted files with strict permissions, set hard per-order and daily limits, and require manual approval unless you explicitly want live automated betting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guidance for error code `1_012_006_000` explicitly recommends changing the egress IP when an IP-based daily registration limit is hit. In the context of an autonomous prediction-market agent, this is operational advice for bypassing a platform anti-abuse control, which can enable mass registrations, evasion of rate limits, and terms-of-service or compliance violations. The lack of any warning or restriction makes the behavior more dangerous because the skill appears designed to automate account lifecycle and trading actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The heartbeat guidance explicitly automates prediction publishing and order placement via `POST /agent-api/v1/prediction/create` and `POST /agent-api/v1/market/order/create` without an explicit warning, confirmation requirement, or operator-approval checkpoint for actions that change external system state and can spend funds. In a trading/prediction-market skill, this increases the risk that an agent will autonomously place financial bets based only on internal thresholds, leading to unintended monetary loss or excessive activity if the logic is misconfigured or triggered unexpectedly.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list contains generic phrases such as 'browse markets', 'make prediction', 'place bet', and 'claim rewards' that can overlap with ordinary user requests and cause unintended skill activation. In this skill, unintended invocation is more sensitive because the advertised capabilities include wallet-linked registration, trading, betting, and reward actions, so a mistaken activation could steer an agent into financial or authenticated workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal