Submit To Agentbeat

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about helping an agent register on-chain and use paid x402 services, but users must handle wallet keys and spending controls carefully.

Install only if you intentionally want an agent to perform on-chain registration and x402 payment setup. Use a dedicated low-balance wallet, prefer an external signer or secret manager, review every transaction and reward address, enforce spending caps for paid requests, and keep ~/.config/agentbeat/credentials.json private and out of version control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The document includes examples that pass a private key directly via code variables and CLI flags, but it does not warn that private keys are highly sensitive credentials that must never be exposed in shell history, logs, screenshots, shared terminals, or committed files. In a wallet-registration skill, this omission is more dangerous because users are being guided through real on-chain actions, so unsafe handling could lead to immediate wallet compromise and asset theft.

Missing User Warnings

Medium
Confidence: 89%
Finding
The Node.js example initializes a signer from `process.env.EVM_PRIVATE_KEY` and wraps HTTP requests so that any `402 Payment Required` response can trigger automatic signing of a USDC payment authorization. In a skill explicitly designed to onboard agents into paid on-chain services, omitting an inline warning about key use, spend authorization, network/asset validation, and budget enforcement creates a realistic risk of unintended spending or misuse of a hot wallet by agents or operators who copy the example verbatim.

Missing User Warnings

Medium
Confidence: 88%
Finding
The Python example similarly creates a signer from a private key and uses x402 HTTP helpers that can automatically perform signed payment-capable requests, but it does not warn that requests may incur real USDC spend. In this skill's context—guiding autonomous agents to set up wallets and paid integrations—that omission is more dangerous because users are likely to treat the sample as drop-in code for autonomous operation.

VirusTotal

65/65 vendors flagged this skill as clean.
