Pearl

Security checks across malware telemetry and agentic risk

Overview

Pearl is a disclosed payment-wallet helper for paid skills, but users should understand it stores local tokens and shares a limited token with paid skill providers.

Install only if you trust Pearl Cash as a payment provider. Review Pearl dashboard approvals and spending limits, use Pearl-paid skills only from providers you trust, and remove or revoke ~/.pearl/config.json credentials if you no longer want this machine connected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill clearly performs network operations to pearlcash.ai and to third-party skill-provider URLs, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users and host platforms may not realize the skill can contact external services and transmit tokens, increasing the risk of unexpected data egress or misuse by downstream skills.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The script collects the local machine hostname and transmits it to the Pearl service when creating a connect session, but it does not clearly warn the user that device-identifying information is being sent. Hostnames often contain personal or corporate identifiers, so this creates avoidable privacy leakage and environment fingerprinting, especially since the tool instructs the operator to send a login link to a user and may be run in enterprise environments.

Session Persistence

Severity: Medium
Category: Rogue Agent
Content (excerpt from the skill's instructions):

    node {baseDir}/scripts/balance.js

    Do NOT create `~/.pearl/config.json` manually. The file is generated by this setup flow and contains server-issued tokens that cannot be fabricated.

    ## Usage

Confidence: 72%
Finding: create `~/.pearl

VirusTotal

65/65 vendors flagged this skill as clean.
