Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed DeFi trading tool, but it gives an AI agent sensitive wallet authority and has enough ambiguity around secret handling and risk controls to require careful review before use.

Install only if you intentionally want an AI agent to perform BSC DeFi actions. Use a brand-new operator wallet with minimal gas only, never a main or owner wallet, verify the npm package and version before installing, set strict on-chain limits, and require explicit confirmation before every transaction, especially transfers, config changes, or raw calldata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
- Immediately explain that this is the operator hot wallet for AI only.
- Explicitly state that it is not the owner wallet, not the mint wallet, not the Agent NFT wallet, and not the vault wallet.
- Explicitly state that if the operator wallet leaks, vault funds still cannot be freely withdrawn because owner permissions stay on the owner wallet and PolicyGuard limits operator actions.
- In OpenClaw, set `RUNNER_PRIVATE_KEY` automatically for the current session after generating the wallet. Do not ask the user to set the environment variable manually.

2. Verify gas:
- Ensure the operator wallet has a small BNB balance for gas.
Confidence: 89%
Finding: Do not ask the user

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
2. Always call it the operator wallet or AI hot wallet.
3. Always explain the dual-wallet model the first time setup is discussed.
4. Always warn that the operator wallet must not be used to mint, subscribe to, or hold the Agent NFT.
5. Do not ask the user to manually set `RUNNER_PRIVATE_KEY` in OpenClaw; AI should do it.
6. After setup is complete and the user provides a token-id, run readiness checks automatically before asking the user what to do next.
7. When multiple listings are available, recommend one by default and explain why.
8. Prefer the structured `status.readiness` fields over ad-hoc prose when deciding the next user-facing instruction.
Confidence: 87%
Finding: Do not ask the user

VirusTotal

66/66 vendors flagged this skill as clean.
