ClawHub

Nla Create

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it can lock tokens on-chain and tells users to expose wallet private keys in risky ways without strong confirmation safeguards.

Install only if you intentionally want an agent to help create NLA token escrows. Use a dedicated low-balance wallet, avoid pasting private keys into chat or command lines, verify the network/token/amount/oracle/demand before any transaction, and assume the demand and arbitration settings may become public on-chain.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The skill description is broad enough that an agent could invoke it whenever a user generally discusses escrow, tokens, or agreements, without an explicit confirmation gate for an irreversible on-chain action. In this context, broad triggering is risky because the skill culminates in blockchain state changes and token locking, so accidental or premature invocation could lead to costly user harm.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill introduces a token-locking workflow without a prominent upfront warning that the action can move assets on-chain, incur fees, and potentially lock funds under public, immutable terms. Because this is a financial blockchain operation, the lack of an early warning materially increases the chance of users proceeding without understanding the consequences.

Ssd 3

High
Confidence
99% confidence
Finding
The skill explicitly instructs users to pass private keys on the command line or through environment variables, both of which are common sources of secret exposure via shell history, process listings, logs, crash reports, and agent telemetry. In a tool-enabled agent context, this is especially dangerous because secrets may be echoed, retained, or mishandled by surrounding systems, leading to wallet compromise and theft of all accessible funds.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal