Pg Sell

Security checks across malware telemetry and agentic risk

Overview

This is a coherent ProxyGate seller guide, but it includes broad activation language and commands that can expose services, change live listings or credentials, and move funds without enough confirmation guidance.

Install only if you intend to operate ProxyGate seller services. Before use, verify the ProxyGate CLI or SDK source, confirm every listing ID, price, exposed port, header, credential, and wallet amount, avoid putting secrets directly into shared prompts or shell history, use dry runs where available, and require explicit confirmation before deleting listings, rotating credentials, withdrawing or depositing funds, or starting production tunnels.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger guidance is overly broad and encourages invocation for common phrases like 'earnings', 'go live', or 'expose service', which can cause the skill to activate outside narrowly intended contexts. Because this skill includes actions that can publish services, modify listings, and rotate credentials, over-invocation raises the chance of the agent steering users into sensitive operational flows without sufficient confirmation.

Missing User Warnings

Medium
Confidence: 97%
Finding
These instructions cover destructive and credential-sensitive operations such as delete, pause/unpause, and rotate-key, but they do not require warning the user about permanence, downtime risk, credential exposure, or confirmation before execution. In an agent context, that omission is dangerous because it can normalize high-impact account and service changes as routine commands, increasing the risk of accidental disruption or credential mishandling.

Missing User Warnings

Medium
Confidence: 84%
Finding
The reference includes destructive wallet operations such as logout --all and listing deletion/pause semantics elsewhere without clear warnings about irreversible effects or account-impacting consequences. In an agent skill context, terse command docs can encourage automation to invoke destructive actions without explicit user confirmation, increasing the risk of accidental loss of access, downtime, or deletion.

Missing User Warnings

Low
Confidence: 88%
Finding
The command reference documents credential-bearing options such as --api-key and keypair paths without warning that these values are sensitive and should not be logged, echoed, or pasted into shared channels. In an agent-assisted environment, this omission raises the chance of credential exposure through transcripts, shell history, screenshots, or generated commands.

Missing User Warnings

Low
Confidence: 80%
Finding
The proxying and tunneling commands send traffic to external services and can expose local endpoints, but the reference does not warn about data egress, sensitive payload transmission, or the risk of unintentionally publishing internal services. In this skill context, that omission is more dangerous because the skill explicitly supports 'start tunnel' and 'expose service' workflows that can affect live systems and confidential data.

VirusTotal

64/64 vendors flagged this skill as clean.
