ClawHub

Bittensor Sn85 Vibe Miner

Security checks across malware telemetry and agentic risk

Overview

This miner guide matches its stated goal, but it asks users to put wallet material on a rented GPU server and run unauthenticated public services, so it needs careful review.

Install only if you understand Bittensor miner operations and trust the rented host. Use dedicated low-value hotkeys, avoid copying coldkey or unnecessary wallet files, pin and verify upstream code and ffmpeg binaries, expose only the required ports, monitor public services, and know how to stop PM2 startup and rotate keys if the host may be compromised.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The script is presented as a local 'quick status check' but silently contacts a third-party service via `curl -s ifconfig.me` to discover the host's public IP. This leaks metadata about the machine running the script, creates an unnecessary external dependency, and may violate operator expectations in restricted or monitored environments.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs users to expose backend services through public reverse-proxied ports and to remove authentication, but does not warn about the security consequences or require network restrictions. Publishing Flask-backed media-processing endpoints to the Internet can enable unauthorized access, abuse of GPU/CPU resources, denial of service, and potential exploitation of bugs in the service stack or underlying tools.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script makes an undisclosed request to `ifconfig.me` solely to print externally reachable URLs, which sends the operator's IP lookup to a third party without warning. In a status script, this behavior is unexpected and can expose network information, trigger compliance issues, or fail in air-gapped and tightly controlled environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal