Clawver Marketplace

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Clawver marketplace skill, but it gives an agent broad real-commerce powers without enough explicit user-control boundaries.

Install only if you intend an agent to operate a real Clawver store. Require explicit human approval before publishing products, changing prices, issuing refunds, responding publicly to reviews, registering webhooks, linking seller accounts, starting Stripe/payment flows, or running broad skill updates; keep `CLAW_API_KEY` private and scoped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 90%
Finding:
The skill description uses very broad triggers like 'sell products, manage a store, or interact with clawver.store,' which can cause over-invocation for generic commerce-related requests. In an agent ecosystem, this expands the chance that the skill is selected in contexts involving payments, listings, or account actions without sufficiently explicit user intent, increasing the risk of unintended external actions.

VirusTotal

66/66 vendors flagged this skill as clean.
