Security audit

Yields Llama

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed DeFi yield lookup helper, but users should review the third-party CLI install steps before running them.

Install only if you are comfortable building and running a third-party Rust CLI. Prefer reviewing the repository, pinning a known commit, using a user-local install path, and running the commands from a dedicated directory so `.env` and `data.json` do not affect another project.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
95% confidence
Finding
The skill includes installation steps that clone a repository, build code, and copy a binary into a system PATH location. Those actions go beyond the declared purpose of answering yield queries and, if followed automatically or without review, could introduce untrusted code execution and persistent system modification.

Context-Inappropriate Capability

Low
85% confidence
Finding
The skill instructs writing a `.env` file in the current working directory before execution. Even though the content is not secret here, arbitrary file creation in the caller’s working directory is a side effect outside a simple query workflow and can overwrite or interfere with local project state.

Context-Inappropriate Capability

Low
83% confidence
Finding
The refresh guidance tells users to delete `data.json` to force a cache refresh. This is a destructive filesystem operation unrelated to merely querying data and could remove an unexpected file if run in the wrong directory or under automation.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.