ClawHub
Back to skill

Security audit

Obul Proxy (x402)

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about proxying x402 API calls through Obul, but it gives broad authority to send arbitrary requests through a paid third-party proxy without clear spending limits or confirmation steps.

Install only if you intend to use Obul for x402 proxying. Before use, confirm the destination endpoint, expected price, and whether request data may contain secrets or sensitive information. Prefer scoped keys and account spending limits if Obul supports them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.