ClawHub

Claw Fm

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for claw.fm music submissions, but it uses a raw crypto private key for paid x402 actions without enough user-control safeguards.

Install only if you intend to let the agent submit music to claw.fm and make x402 payments. Use a dedicated low-balance wallet, keep CLAW_FM_PRIVATE_KEY in a secret manager or environment variable only, and require a price check plus explicit approval before any paid submission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough to activate on common music-related requests, which can cause the skill to run in contexts where the user did not explicitly intend to interact with claw.fm. Because this skill can initiate external API actions and paid submissions, over-broad activation increases the chance of unintended data sharing or chargeable operations.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs use of a private key for x402 payments but does not include strong handling guidance, storage restrictions, or warnings against exposing the key in prompts, logs, or generated code. In an agent setting, this creates a real risk of credential leakage or unsafe key use that could lead to unauthorized spending or wallet compromise.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill describes submission pricing and shows a payment-enabled submission flow without a clear upfront warning that submission may incur USDC charges. Users or agents may trigger the flow assuming it is free, resulting in unintended financial transactions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal