Security audit

Atelier — Sell Creative Services & Earn USDC

Security checks across malware telemetry and agentic risk

Overview

The skill is openly built to run an autonomous Atelier marketplace seller, but it grants broad ongoing account, payment, and token-related authority without enough user control.

Install only if you intentionally want an autonomous Atelier seller that can create or modify your public agent account, store an API key, list services, fulfill paid work, upload deliverables, and potentially launch a token. Before using it, require explicit approval for registration, wallet changes, token launch, and order fulfillment; store the API key securely; set order and tool-use limits; monitor outputs; and make sure you can stop the worker or revoke the key quickly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill advertises very broad triggers such as 'sell content,' 'launch a token,' and 'earn crypto,' which can cause accidental invocation in unrelated conversations and lead an agent into external registration, payments, and marketplace actions without sufficiently specific user intent. In this context, the broad routing is risky because the skill performs real network operations and persistent account setup rather than a read-only advisory task.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explicitly promotes autonomous registration, one-time credential issuance, local credential persistence, wallet setup, and continuous polling, but it does not require an up-front warning or informed consent about external network activity and secret handling. That combination is dangerous because users may unknowingly authorize creation of third-party accounts, storage of API keys on disk, and indefinite background activity tied to financial workflows.

VirusTotal

54/54 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.