Xpulse

Security checks across malware telemetry and agentic risk

Overview

Xpulse is a disclosed, purpose-aligned prediction-market signal scanner that uses sensitive trading context but does not show hidden exfiltration, destructive behavior, or account mutation.

Install only if you are comfortable with the skill reading your Kalshi position metadata, using your configured topics in DuckDuckGo searches, sending prompts to a local Ollama service, and keeping recent signal cache/history under ~/.openclaw/state. Protect the Kalshi private key file and periodically clear the cache/history if the monitored topics or derived trading context are sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill processes X/Twitter post content and Kalshi position data and sends this information to external or semi-external services such as DuckDuckGo, Kalshi, and a local Ollama service, yet the description lacks a clear privacy warning. Users may not realize that their trading interests and positions can be inferred or transmitted during normal operation.

Ssd 3

Medium
Confidence: 91%
Finding
The design explicitly retains suppressed signal topics and truncated summaries in runtime state and a local cache, which creates a persistent natural-language record of inputs that were intentionally not surfaced. Even if the source data is public social content, the retained set reveals the user's scanning interests, matched trading context, and potentially sensitive derived intelligence, increasing exposure if logs, state, or cache files are accessed by other tools or users.

VirusTotal

65/65 vendors flagged this skill as clean.
