ClawHub

Ika Operator

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only guide for operating Ika nodes, with manual commands that are expected for validator operations but require careful handling.

Install only if you operate Ika infrastructure. Verify binaries, contract IDs, staking URLs, and configuration values from official sources; protect validator keys and root seed backups offline; do not store real AWS secrets in config files or repositories; and treat the database deletion commands as last-resort manual recovery steps after verifying the exact path and backup or resync plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The configuration reference explicitly shows `aws-access-key-id` and `aws-secret-access-key` as inline YAML fields without any warning that secrets should not be embedded in config files. In an infrastructure-operations skill, operators may copy this example into real deployments, leading to long-lived cloud credentials being stored in plaintext configs, committed to repositories, exposed in backups, or leaked through support channels.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The document instructs operators to run destructive database deletion commands as part of recovery, but it does not clearly and prominently warn that these actions irreversibly delete local state and may require lengthy resynchronization or cause operator error if paths are wrong. In an operations guide for infrastructure, such commands are especially risky because readers may copy-paste them under pressure during incidents.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```bash
# Stop the node
# Remove the database directory
rm -rf /opt/ika/db/live

# Restart - node will resync from peers via state sync
./target/release/ika-fullnode --config-path config.yaml
Confidence
91% confidence
Finding
rm -rf /opt/ika/db/live # Restart - node will resync from peers via state sync ./target/release/ika-fullnode --config-path config.yaml ``` For validators, also clear consensus DB: ```bash rm -rf /

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```bash
# Stop the node
# Remove the database directory
rm -rf /opt/ika/db/live

# Restart - node will resync from peers via state sync
./target/release/ika-fullnode --config-path config.yaml
Confidence
91% confidence
Finding
rm -rf /opt/ika/db/

Tool Parameter Abuse

High
Category
Tool Misuse
Content
For validators, also clear consensus DB:

```bash
rm -rf /opt/ika/consensus_db/*
```

### Event Cursor Override
Confidence
96% confidence
Finding
rm -rf /opt/ika/consensus_db/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal