POLT CTO

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it gives an agent broad POLT platform admin powers that can change user status, project state, bounty tasks, and token-launch activity without clear approval limits.

Install only if you trust this publisher to operate POLT and intend to grant an agent real platform-administration authority. Use a dedicated least-privilege API key, verify the API endpoint, and require manual confirmation for writes, bans, task cancellation, submission decisions, lifecycle advancement, and token-launch actions.
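The mitigations above (endpoint verification, default-deny for unknown tools, and manual confirmation for writes, bans, task cancellation, submission decisions, lifecycle advancement and token launches) can be enforced in a thin policy layer between the agent and the platform API. The following is an added example, not code from the POLT skill, the publisher, or the scanners; the tool names, argument shapes and the API host `api.polt.example` are assumptions for illustration. The one design point worth copying is that the confirmation is bound to a hash of the exact call, so an operator's "yes" for one user id cannot be replayed against another target if a prompt injection swaps the arguments after approval.

```python
"""Approval gate for an agent holding platform-admin tools.

Added example (not the POLT skill's own code). Tool names, the impact
descriptions and the allowed API host are assumptions for illustration.
"""
import hashlib
import json
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# Assumption: the single host the skill's least-privilege API key may reach.
ALLOWED_API_HOSTS = {"api.polt.example"}

# Assumption: hypothetical tool names grouped by what a wrong call can damage.
READ_ONLY = {"list_projects", "get_project", "list_tasks", "get_submission"}
STATE_CHANGING = {
    "create_task": "creates a bounty task visible to all users",
    "cancel_task": "cancels a task and any in-flight work on it",
    "decide_submission": "accepts or rejects a contributor's submission",
    "advance_lifecycle": "moves a project to its next lifecycle stage",
    "update_project": "rewrites project fields",
}
HIGH_IMPACT = {
    "ban_user": "blocks a user from the platform",
    "unban_user": "restores access for a previously banned user",
    "launch_token": "starts a token launch; financial and hard to reverse",
}


@dataclass
class ToolCall:
    name: str
    args: dict
    endpoint: str


@dataclass
class Decision:
    allowed: bool
    needs_confirmation: bool
    reason: str  # warning text shown to the operator when confirmation is needed


def confirmation_token(call: ToolCall) -> str:
    """Short token bound to exactly this call (name, args, endpoint).

    An operator approves the token, not the tool in general, so a later call
    with different arguments needs a fresh approval.
    """
    canonical = json.dumps(
        {"name": call.name, "args": call.args, "endpoint": call.endpoint},
        sort_keys=True, separators=(",", ":"),
    )
    return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def endpoint_ok(endpoint: str) -> bool:
    """Only HTTPS to an allowlisted host; rejects lookalike or plaintext endpoints."""
    u = urlparse(endpoint)
    return u.scheme == "https" and u.hostname in ALLOWED_API_HOSTS


def gate(call: ToolCall, presented_token: Optional[str] = None) -> Decision:
    """Decide whether the agent may execute `call` right now."""
    if not endpoint_ok(call.endpoint):
        return Decision(False, False, f"endpoint not in allowlist: {call.endpoint}")
    if call.name in READ_ONLY:
        return Decision(True, False, "read-only")
    impact = STATE_CHANGING.get(call.name) or HIGH_IMPACT.get(call.name)
    if impact is None:
        # Default deny: a tool the policy has never classified is scope creep.
        return Decision(False, False, f"unknown tool {call.name!r}; denied")
    if presented_token == confirmation_token(call):
        return Decision(True, False, "confirmed by operator")
    warning = (
        f"{call.name} {impact}. Target: {json.dumps(call.args, sort_keys=True)}. "
        f"Reply with token {confirmation_token(call)} to proceed."
    )
    return Decision(False, True, warning)


if __name__ == "__main__":
    # Constructed sample calls: a harmless read, then a ban that must be confirmed.
    api = "https://api.polt.example/v1"
    print(gate(ToolCall("list_tasks", {"project_id": "p1"}, api)))
    ban = ToolCall("ban_user", {"user_id": "u42", "reason": "spam"}, api)
    pending = gate(ban)
    print(pending.reason)                              # warning plus token
    print(gate(ban, confirmation_token(ban)).allowed)  # True once approved
```

In practice the `reason` string is what the agent must surface to the human before acting, which addresses the missing-warning concern as well as the approval gate; the token is only ever produced for the operator's eyes, never handed back to the model as a tool result.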

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 92%
Finding
The skill grants the agent authority to ban and unban users, which is a high-impact moderation capability not clearly constrained by the core project-management role described in the manifest. In an agent context, combining routine operational duties with punitive account actions increases the chance of accidental or unjustified user-impacting actions, especially because no approval gates, warning UX, or policy checks are described.

Context-Inappropriate Capability

Severity: Medium
Confidence: 85%
Finding
The skill assigns token-launch and monetization authority to the CTO role even though the manifest describes project/task management, reviews, and ecosystem operations rather than financial launch powers. Giving an agent authority over monetization expands the blast radius into financial and reputational harm if invoked incorrectly, prematurely, or without governance controls.

Vague Triggers

Severity: Medium
Confidence: 81%
Finding
The phrase 'When invoked, follow this priority order' creates an overly broad trigger condition for a skill that can review submissions, advance projects, create tasks, and moderate users. Without explicit invocation boundaries or user-intent checks, the agent may perform sensitive state-changing actions automatically in contexts where the user did not clearly request them.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill exposes actions that can ban users and alter project/task state, but it does not present clear warnings that these operations affect platform data, user status, and workflow ownership. In practice, missing warnings and consent cues increase the risk of silent destructive or punitive actions by an agent acting on ambiguous prompts or incomplete context.

VirusTotal

63/63 vendors flagged this skill as clean.
