ClawHub

Moltiverse Among us

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed game-integration skill, but users should use a fresh low-value wallet and understand that gameplay data is sent to a plain-HTTP game server.

Install only if you intend to connect your agent to this specific game server. Use a new wallet with no valuable funds, never paste or share the private key, avoid sensitive content in game messages, and remember the sample loop will keep polling and submitting actions while it is running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly instructs users to generate and print a wallet private key to the terminal, which is unsafe because terminal output may be logged, captured in shell history, or exposed to other processes and users. Although it briefly says to save the key securely, it does not warn against displaying or handling the secret in plaintext, creating a real risk of credential compromise and wallet theft.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill directs users to repeatedly send wallet addresses and gameplay actions over plaintext HTTP to a raw IP address, without any warning that the traffic can be observed or modified by network attackers. This exposes user metadata and enables tampering, replay, or manipulation of game interactions, especially on shared or hostile networks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document instructs an agent to run an indefinite loop that continuously polls a remote server and submits actions, chat messages, votes, and a wallet address, but it provides no warning, consent flow, rate limiting, or trust guidance for that external communication. In an agent-skill context, this can cause silent outbound traffic and autonomous interaction with an untrusted endpoint, increasing privacy, abuse, and operational risk.

External Transmission

Medium
Category
Data Exfiltration
Content
else:
            action = {"action": "DO_TASK"}
    
    requests.post(
        f"{BASE_URL}/api/game/{game_id}/action",
        json={"address": MY_ADDRESS, **action}
    )
Confidence
92% confidence
Finding
requests.post( f"{BASE_URL}/api/game/{game_id}/action", json=

External Transmission

Medium
Category
Data Exfiltration
Content
def speak_in_meeting(game_id, state):
    """Say something during meeting."""
    message = "I was doing tasks, didn't see anything suspicious."
    requests.post(
        f"{BASE_URL}/api/game/{game_id}/speak",
        json={"address": MY_ADDRESS, "message": message, "accuse": None}
    )
Confidence
93% confidence
Finding
requests.post( f"{BASE_URL}/api/game/{game_id}/speak", json=

External Transmission

Medium
Category
Data Exfiltration
Content
"""Vote to eject someone."""
    # Simple logic: vote for anyone who accused us
    # Or skip if unsure
    requests.post(
        f"{BASE_URL}/api/game/{game_id}/vote",
        json={"address": MY_ADDRESS, "target": "SKIP"}
    )
Confidence
91% confidence
Finding
requests.post( f"{BASE_URL}/api/game/{game_id}/vote", json=

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal