Paegents

Security checks across malware telemetry and agentic risk

Overview

This is a coherent payment-integration skill, but it handles real payment actions, API keys, seller credentials, proxy traffic, and webhooks, so users should install it only with scoped credentials and supervision.

Install only if you trust Paegents and the configured API endpoint. Use least-privilege Paegents keys, scoped seller API keys, and sandbox/testnet flows before production funds. Keep wallet private keys and API secrets out of chat, logs, repos, and shell history. Require explicit review before creating webhooks, registering services with credentials, enabling auto-accept, activating escrow, or initiating settlement.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 82%
Finding:
Webhook management adds an outbound data-exfiltration surface that is not disclosed in the skill description. Because the API allows registering arbitrary delivery URLs for signed event notifications, a user or downstream system could unknowingly authorize transmission of operational data to external infrastructure.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The service registration schema includes a raw api_key field with no warning, masking guidance, or safer alternative, encouraging storage and transmission of third-party secrets through the platform. In a payments-related skill, silent collection of service credentials materially increases the risk of credential leakage, misuse, and cross-system compromise if logs, telemetry, or support tooling capture request bodies.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
Webhook creation accepts an arbitrary outbound URL but provides no warning that event payloads will be transmitted to an external endpoint. This can lead users to unintentionally route potentially sensitive operational or transactional data to third parties, creating confidentiality and compliance risk.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
The metered proxy is explicitly described as a transparent relay to seller APIs, yet the specification does not disclose what request data, headers, or bodies are forwarded to third parties. In this payment and escrow context, such proxying can expose agreement identifiers, usage data, prompts, or other sensitive business payloads to external seller-controlled systems without adequate user awareness.

VirusTotal

66/66 vendors flagged this skill as clean.
