ClawHub

aperture: the L402 aware reverse proxy

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent helper for installing and running the Aperture Lightning payment proxy, with configuration risks users should handle carefully.

Install this only if you intend to run an Aperture/L402 Lightning payment proxy. Review ~/.aperture/aperture.yaml before starting it, use an invoice-only macaroon rather than admin credentials, avoid --insecure and --no-auth on public or shared networks, replace hostregexp ".*" with explicit hostnames for production, and stop the background service when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly documents `--insecure` and `--no-auth` options and shows configurations that disable TLS and payment authentication, but the warnings are weak and easy to miss. In the context of a reverse proxy intended to gate paid endpoints, this can expose backend traffic in plaintext or unintentionally publish unpaid access to protected resources if copied into non-development deployments.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The minimal configuration uses `hostregexp: ".*"`, which matches any host and can cause the proxy to gate or forward requests for unintended virtual hosts if deployed beyond a tightly controlled local setup. In a reverse-proxy skill, broad matching materially increases the chance of misrouting, accidental exposure, or applying payment/auth logic to the wrong traffic.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The template sets `hostregexp: ".*"`, which matches every host and can cause the paywall/proxy rule to apply far more broadly than intended. In an Aperture reverse-proxy configuration, this increases the risk of accidentally exposing, intercepting, or paywalling unrelated virtual hosts and APIs if the same proxy instance handles multiple hostnames.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal