ClawHub

Token Burn Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a local token and cost dashboard with sensitive prompt display disclosed as an opt-in setting, so it is acceptable when kept local and configured carefully.

Install only on a machine where the dashboard may read OpenClaw session logs. Keep showPrompts and SHOW_PROMPTS disabled unless every dashboard viewer is trusted to see prompt text, keep the server bound to localhost, and review custom themes before enabling them because themes can display any data the API returns.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The API returns per-message metadata including `userPrompt`, and prompt redaction is only conditional on `SHOW_PROMPTS` or `config.showPrompts`. That means a monitoring dashboard can expose sensitive user task content from agent session logs, which is broader access than the skill description suggests and increases risk of leaking secrets, internal instructions, or private requests to any local or network-accessible client.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The UI explicitly renders `m.userPrompt` in an expandable row whenever a message includes a prompt, which contradicts the skill metadata claim that user prompts are redacted by default. In a token-monitoring dashboard, prompts may contain secrets, personal data, credentials, or sensitive operational context, so exposing them to any dashboard viewer materially increases data leakage risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The API explicitly supports exposing `userPrompt` contents when `showPrompts` is enabled, but the documentation only notes the behavior and does not clearly warn that this can reveal potentially sensitive user inputs from session files. In a monitoring dashboard context, operators may enable the setting for convenience and inadvertently disclose secrets, personal data, or internal prompts to anyone with access to the dashboard or local API.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal