Crypto Market Data Skill (No Key Required)

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent market-data tool, with disclosed external API use and a local token cache that users should understand.

Install only if you are comfortable sending requested symbols, coin IDs, currencies, and search terms to api.igent.net. Keep the skill directory private, avoid setting API_BASE_URL unless you trust the replacement service, and delete scripts/.token if you want to clear the cached provider session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 86%
Finding
Authentication material is persisted to a local .token file in the skill directory without any file-permission hardening, encryption, or disclosure to the user. If the workspace is shared, backed up, or readable by other local processes, the token can be reused to access the vendor API or profile user activity tied to that token.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly states that authentication tokens are automatically persisted to a hidden local .token file, but it does not clearly warn the user about credential storage, file location, lifetime, or local security implications. Persisting bearer-style session material to disk can expose credentials to other local users, backups, accidental commits, or malware, especially in shared agent environments.

Missing User Warnings

Medium
Confidence: 90%
Finding
The code silently saves the fetched API token to disk via fs.writeFileSync(TOKEN_FILE, JSON.stringify(data)) with no user-facing notice or consent. Hidden persistence of auth material increases the chance of accidental exposure and makes incident response harder because users may not realize credentials were stored locally.

VirusTotal

65/65 vendors flagged this skill as clean.
