openclaw skill for swarms ai

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is aligned with Swarms workflows, but it normalizes sending raw Solana private keys to remote services for paid blockchain actions.

Install only if you intend to use Swarms API workflows and can enforce strict controls. Do not use a main Solana wallet private key; use a dedicated low-balance or test wallet instead. Avoid putting secrets in prompts or logs. Require explicit approval before token launches or ATP payments. Restrict autonomous tools with selected_tools, and connect only trusted MCP servers with least-privilege tokens.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding: The documentation explicitly instructs clients to send a wallet private key in an HTTP header, which exposes the signing secret to the remote API service, middleware, logs, reverse proxies, tracing systems, and any compromise along that path. In a blockchain payment system, possession of the private key is equivalent to control of funds, so this guidance enables catastrophic credential theft and unauthorized transactions.

Intent-Code Divergence

Severity: High
Confidence: 98%
Finding: The document's best-practice note says to never log or persist wallet private keys, yet the examples and request flow normalize putting the private key directly into headers and client configuration for transmission to services. This contradiction is dangerous because developers often copy example code, causing them to implement an insecure architecture while believing they are following supported guidance.

Missing User Warnings

Severity: High
Confidence: 98%
Finding: The token launch example instructs users to place a Solana wallet private key into a JSON payload sent to a remote API, without a prominent warning about the sensitivity and irreversible risk of key disclosure. Transmitting a signing key to a third-party service can enable full wallet compromise, theft of funds, and abuse of any assets controlled by that key.

Missing User Warnings

Severity: High
Confidence: 97%
Finding: The documentation describes sending a wallet private key in request headers without a prominent warning that this transmits the most sensitive credential in the system to third parties. In the context of Solana payments and multi-agent service orchestration, this is especially dangerous because a single leaked key can lead to immediate theft of wallet assets and abuse of downstream services.

Missing User Warnings

Severity: High
Confidence: 96%
Finding: The documentation explicitly instructs users to send a Solana wallet private key to an external API as a normal request parameter, without strong warnings about key custody, scope limitation, or safer signing alternatives. This is dangerous because private keys grant full control of wallet assets, and normalizing their transmission in docs can lead users to expose irreversible, high-value credentials to theft, misuse, logging, or backend compromise.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The documentation encourages connecting agents to external MCP servers, including examples with Authorization headers, but does not warn that prompts, tool inputs, files, or other contextual data may be transmitted to third-party infrastructure. In a multi-agent orchestration skill, this omission can lead users to unknowingly expose sensitive data or trust unvetted remote tool servers with broad capabilities.

VirusTotal

64/64 vendors flagged this skill as clean.