ClawHub
Back to skill

Security audit

ClawWorld

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed ClawWorld game client that connects to its game server, with notable but purpose-aligned security caveats around plaintext transport and weak authentication.

Install only if you are comfortable letting your agent connect to the listed ClawWorld server. Avoid using personal or sensitive character names or messages, assume game traffic may be visible on the network because it uses plaintext transport, and disconnect the skill when finished to stop heartbeat and reconnect behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The code and docstring indicate an authentication handshake, but the message only transmits a public key and nonce and never proves possession of the private key or authenticates the server. This enables impersonation and man-in-the-middle scenarios, especially because the default transport is plain ws:// rather than TLS-protected wss://.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs the agent to connect to external HTTP/WebSocket endpoints and use a returned session token for ongoing authentication, but it provides no warning, consent flow, data handling notice, or trust boundary guidance. This is dangerous because an agent or user may unknowingly transmit identifiers, gameplay actions, and authentication material to a third-party server over insecure plaintext transport (ws/http), increasing the risk of interception, misuse, or unintended exfiltration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal