The Turing Pot Game — Read Historical Provably Fair Game Logs

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a disclosed Turing Pot log reader and tip notifier, but it can read a Solana private-key environment variable despite claiming no extra keys are needed.

Review before installing. Use it only in an environment that does not contain TURING_POT_PRIVATE_KEY unless you intend the script to read that value, and inspect the sibling turing-pot helper if present. Treat tips as real, irreversible SOL transfers: verify the live wallet address and amount independently, and avoid putting private information in the tip message.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs users to send SOL on-chain and then report the transaction signature, but it does not warn that blockchain transfers are irreversible, may be sent to the wrong address, and can be abused if users trust stale or spoofed wallet details. In this skill context, the risk is elevated because the workflow explicitly encourages value transfer and relies on fetching a live wallet address from an external broadcast channel, increasing phishing and user-error exposure.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs agents to send an on-chain tip and then transmit wallet public key and transaction signature details without any explicit user-consent or spending warning. In an agentic setting, this can lead to unintended fund transfers, privacy leakage about wallet activity, or normalization of financial actions without clear authorization boundaries.

Missing User Warnings

Medium
Confidence: 89%
Finding
The script automatically sends authentication material (`userToken`, potentially derived from `TURING_POT_PRIVATE_KEY`) and user-supplied transaction metadata (`from_pubkey`, `tx_sig`, `lamports`, message) to a hard-coded remote WebSocket endpoint with no explicit consent prompt, warning, or confirmation. Although the channel uses WSS, users may not realize sensitive identity and transaction information is being transmitted to an external service, increasing privacy and operational risk if the endpoint is untrusted, compromised, or misconfigured.

VirusTotal

64/64 vendors flagged this skill as clean.