Apiosk Publish

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Apiosk publishing, but it handles raw wallet private keys in ways that deserve careful review before installation.

Install only if you intentionally want an agent to manage Apiosk listings. Use a dedicated low-value wallet, avoid passing the private key on the command line, protect ~/.apiosk/wallet.json with restrictive permissions, and review the exact slug, endpoint, price, and active status before update or deactivate commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium (89% confidence)
Finding
The README instructs users to source a signing key from a local wallet file, environment variable, or command-line flag without warning that these are highly sensitive secrets. This can lead users to expose private keys through shell history, process listings, logs, screenshots, or insecure file storage, which would allow an attacker to impersonate the wallet owner and manage or alter gateway listings.

Missing User Warnings

Medium (76% confidence)
Finding
The skill supports update and delete lifecycle operations on published APIs but does not prominently warn that these actions are destructive or potentially irreversible. In a wallet-authenticated management context, missing friction increases the risk of accidental takedown, service disruption, or unintended modification of production listings.

Missing User Warnings

Medium (91% confidence)
Finding
The script passes the raw private key as a command-line argument to an external subprocess (`cast wallet sign --private-key ...`). On many systems, process arguments can be exposed to other local users or captured by audit tooling, shell history wrappers, or process-monitoring utilities, which can leak the key and enable full wallet compromise.

Missing User Warnings

Medium (95% confidence)
Finding
The script accepts a private key via command-line argument, environment/config sources, and local wallet files without warning users about the exposure risks. Passing secrets on the CLI can leak them through shell history, process listings, logging, or agent telemetry, which is especially sensitive here because the credential is a signing key rather than a revocable API token.

VirusTotal

66/66 vendors flagged this skill as clean.
