The Agent Interoperability Bridge: Connecting GreenHelix Agents to x402, ACP, A2A, MCP, Visa TAP, Google AP2/UCP, PayPal Agent Ready, and OpenAI ACP Ecosystems

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable guide, but its payment-bridge examples include under-scoped flows that could lead to unauthorized charges or broken escrow handling if copied into production.

Install only as reference material, not as production-ready payment code. Before adapting it, require explicit charge approval or pre-authorized spending limits, derive identities from authenticated tokens rather than headers, verify webhook signatures before parsing or acting, add idempotency and replay protection, use sandbox or scoped credentials, and implement confirmed escrow release/reconciliation paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

High
Confidence: 97%
Finding
The method claims to release escrow after fulfillment, but the implementation only notifies the ACP registry and emits an event. This mismatch can leave funds locked indefinitely or cause operators to assume buyer-protected settlement completed when no escrow release actually happened, creating financial and operational risk.

Missing User Warnings

Medium
Confidence: 84%
Finding
The text normalizes the idea that simpler MCP clients may let charges settle in the background, which can lead to unauthorized or insufficiently consented payments. In a payments-focused skill, encouraging implicit charging without explicit confirmation materially increases the risk of abuse, mistaken billing, and disputes.

VirusTotal

66/66 vendors flagged this skill as clean.
