ClawHub

Hippius Storage

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Hippius storage helper, but it needs review because it handles powerful storage and wallet-related credentials and has an RPC endpoint option that does not actually control where data is sent.

Install only if you intend to use an agent for Hippius storage. Use least-privilege S3 keys, avoid entering a wallet seed phrase unless absolutely necessary, prefer HTTPS endpoints, and require explicit confirmation before upload, sync, delete, pin, or unencrypted IPFS operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documents use of shell commands, network access, and environment variables, but it does not declare those capabilities as permissions. This creates a transparency and governance problem: an agent or reviewer may underestimate what the skill can cause a user to do, including transmitting data and handling secrets.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The script advertises configurable RPC endpoint support but silently ignores the supplied value and always uses the hardcoded endpoint. This is a security-relevant integrity issue because users may believe they are querying a trusted internal or HTTPS endpoint when the tool actually sends requests elsewhere.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs users to send credentials and files to an external storage endpoint without any warning about third-party data transfer, retention, or sensitivity considerations. In an agent context, this can lead users to upload confidential data or use production credentials without informed consent or risk awareness.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation tells users to export AWS-style access keys directly in the shell without warning that secrets may be stored in shell history, exposed to other local users via process inspection in some environments, or accidentally persisted in terminal logs. In a storage-management skill, these credentials grant access to decentralized object storage, so leaking them could enable unauthorized reads, writes, or bucket enumeration.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The guide includes destructive and privacy-impacting storage operations such as download/list/delete without any cautionary framing, confirmation requirements, or warnings about handling sensitive data. In an agent skill context, these examples can normalize unsafe actions and make it easier for an agent or user to perform data-destructive or privacy-affecting operations without sufficient review.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The RPC helper defaults to http://api.hippius.io, so account identifiers and responses are transmitted without transport encryption. Even if the data is not highly secret, plaintext HTTP enables interception, modification, and endpoint impersonation by network attackers.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal