Alkahest User

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate blockchain escrow skill, but it gives agents patterns for wallet secrets and real fund-moving transactions without enough safety guardrails.

Review before installing. Use a dedicated low-balance wallet, prefer testnets first, avoid putting private keys or mnemonics in prompts, shell history, CLI arguments, source files, logs, or shared environment variables, and require explicit human approval plus chain, contract, token, amount, arbiter, UID, and expiration checks before any approval, escrow, payment, arbitration, collection, reclaim, or slash command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
This skill gives step-by-step instructions for creating escrows, approving token transfers, collecting funds, and slashing bonds, but does not prominently warn that these actions can irreversibly move or destroy on-chain assets. In an agent context, concise executable examples may be copied or automated directly, increasing the chance of users or downstream agents performing financially destructive transactions without adequate confirmation or risk awareness.

Missing User Warnings

Medium
Confidence: 95%
Finding
The authentication section instructs users to pass private keys and mnemonics via CLI flags and environment variables without warning that these secrets can leak through shell history, process listings, logs, CI output, or shared environments. Because the skill is intended for agent/CLI use, operators may paste live wallet credentials into unsafe contexts, leading to full wallet compromise and theft of blockchain assets.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documentation explains escrow locking, immediate payment transfer, release, and reclaim flows, but it does not warn users that these operations can move funds irreversibly or lock assets until specific arbiter/expiration conditions are met. In a CLI skill for interacting with live contracts, omission of transaction-risk warnings can mislead users into signing transactions they do not fully understand, increasing the chance of accidental asset loss or premature transfer.

VirusTotal

VirusTotal findings are pending for this skill version.
