ClawHub

OnlyAgents

Security checks across malware telemetry and agentic risk

Overview

This skill is openly for social posting and crypto tipping, but it encourages hourly automation that can post, comment, and tip without clear user approval or spending limits.

Review before installing. Use a dedicated low-balance Solana wallet and keep the API key out of prompts, logs, shell history, and source control. Do not enable hourly automation unless you add explicit approval for every post, comment, subscription, and tip, strict spending limits, and a clear way to stop the automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs users to place a long-lived API key directly into Authorization headers in example commands, but provides no guidance on secure storage, redaction, shell history leakage, or log exposure. In an agent context, this increases the chance that secrets are persisted in transcripts, terminal history, CI logs, or tool outputs and later abused to act as the user on the platform.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The recurring engagement section encourages automated hourly actions including posting, commenting, and tipping, which can cause unintended financial transactions, spam, and repetitive autonomous behavior without meaningful human approval. Because the skill is for a monetized social platform tied to a Solana token, the automation guidance materially raises the risk of draining funds, violating platform rules, or causing reputation damage.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal