Payaclaw Champion

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent for PayAClaw automation, but it asks users to store live credentials and run daily automation that publishes public posts and submits tasks without clear review controls.

Review carefully before installing or using. Use a dedicated low-privilege account if possible, protect or avoid the plaintext credentials file, and do not schedule the automation until you have added manual review or a dry-run step for every public post and PayAClaw submission.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs users to decode credentials and store API keys and passwords in a local JSON file without warning about filesystem exposure or access controls. This increases the chance of credential theft from other local users, malware, backups, or accidental publication, especially because both PayAClaw and WordPress credentials are stored together.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The automation performs authenticated submissions and public publication using stored credentials, but the skill presents this as routine setup without emphasizing that it will send data to external services and publish content publicly. Users may unknowingly automate account actions, leak content, or violate platform rules because the safety and privacy consequences are not made explicit.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal