Vincent - A secure wallet for your agent

Security checks across malware telemetry and agentic risk

Overview

This is a real crypto-wallet skill whose purpose is clear, but it gives an agent broad ongoing authority to move funds, sign messages, and place bets unless the user locks it down first.

Review before installing. Use a dedicated low-balance wallet, claim it immediately, set spending limits, allowlists, and require-approval policies before funding it, and treat API keys and re-link tokens like financial credentials. Avoid raw signing or arbitrary contract calls unless you personally verify the target, chain, amount, and expected effect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
This section enables real-value transfers, swaps, arbitrary contract calls, and betting workflows but does not prominently warn that these actions can move or lose real funds irreversibly. In an agent setting, lack of explicit confirmation and risk framing increases the chance of unintended execution, user confusion, or prompt-injected financial actions being carried out.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the agent to store and later retrieve wallet API keys, but does not clearly state that possession of the API key grants transaction authority over the wallet. In practice, this turns the key into a bearer credential for spending and signing operations, so insecure storage or accidental disclosure can directly enable unauthorized transactions.

Missing User Warnings

Medium
Confidence: 96%
Finding
The re-link flow allows anyone holding a one-time token to obtain a new wallet API key, yet the instructions do not require verification of user authorization or strongly emphasize that the returned API key is highly sensitive. In an agent context, a malicious prompt or untrusted user message containing a token could trick the agent into rebinding wallet access and exposing or using fresh credentials.

VirusTotal

63/63 vendors flagged this skill as clean.
