ClawHub

Devtopia Identity

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent identity-management documentation, but it asks users to trust an unspecified Devtopia CLI with wallet keys and permanent on-chain identity actions.

Install only if you already trust the Devtopia CLI and are comfortable creating a persistent wallet-backed identity. Prefer a fresh low-value wallet, avoid pasting raw private keys into chat or command arguments, protect the keystore file, and require explicit approval before imports, proof signing, marketplace registration, or any on-chain transaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The documentation states that private keys are never exported in plaintext, but elsewhere explicitly allows wallet import via raw PEM private keys. This is a misleading security claim that can cause operators to handle or paste sensitive key material into terminals, logs, shell history, or chat contexts under a false sense of safety.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The session-authentication example instructs implementers to derive a reusable token from a proof even though the documented proof structure only contains challenge, signature, publicKey, timestamp, and valid. This can lead developers to invent ad hoc token extraction or trust semantics that do not exist, resulting in broken authentication flows, invalid session handling, or acceptance of unauthenticated sessions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to import raw private keys and even shows PEM-formatted key material as accepted input, but does not place a prominent warning at that point about secret exposure. In agentic or logged environments, this can lead to accidental disclosure through command history, process arguments, telemetry, transcripts, or copied prompts.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation recommends sending challenge and proof material in HTTP headers without warning about transport security, header logging, proxy visibility, or privacy implications. In an identity-focused skill, these values may be captured by reverse proxies, APM tools, browser/network logs, or intermediaries, enabling replay attempts, metadata correlation, or unintended disclosure of identity-linked authentication artifacts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal