ClawHub

Clawhub Skill Passive Income Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill appears aimed at tracking passive income, but it asks users to handle sensitive session tokens and node keys in ways that can leak them.

Review this skill carefully before installing. Only use it if you understand which accounts and nodes it will access, disable or limit messaging summaries if you do not want earnings data sent to third-party chat services, and avoid pasting session tokens or node keys directly into commands unless the skill provides a safer secret-handling method.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill advertises automatic daily and weekly earnings summaries sent over WhatsApp/Telegram, which can disclose financial activity, service usage patterns, and operational status to third-party messaging platforms. Without a clear privacy warning and opt-in data minimization guidance, users may unknowingly expose sensitive personal or business metadata.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation instructs users to extract and reuse a Grass session token from browser storage without prominently warning that it is a sensitive authentication credential. If copied insecurely, logged in shell history, or shared inadvertently, the token could allow account access or unauthorized querying of earnings/account data.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill tells users to read a local node key directly from the filesystem and pass it on the command line, but does not warn that this key is highly sensitive. This can leak through shell history, process listings, logs, or screenshots, potentially enabling unauthorized access to the node or associated identity.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal