purposebot

Security checks across malware telemetry and agentic risk

Overview

PurposeBot is a disclosed commerce and payments skill, but users should treat it as high-impact because it can authorize real Stripe or USDC payment flows when configured.

Install only if you intend to let an agent interact with PurposeBot commerce workflows. Use sandbox or test providers first, require explicit approval before creating orders, funding escrow, executing settlement, refunds, or disputes, verify sellers and discovered services independently, and keep API keys and private signing keys out of source control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill prominently describes creating orders, escrowing funds, settling payments, and dispute handling, but it does not begin with a clear warning that use of the skill can trigger real financial transactions and external side effects. In an agent setting, missing an upfront impact warning increases the chance of autonomous or poorly informed use that could move money, create liabilities, or expose user/payment data.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill encourages discovery of tools, APIs, WebMCP servers, and listings using trust scores, then suggests using those results for transactions, but it does not clearly warn that trust scores are only advisory and should not drive automatic purchases or tool invocation. This can cause an agent to over-trust discovered services and initiate payments or interactions with insufficient validation.

VirusTotal

66/66 vendors flagged this skill as clean.
