Xanadu Crypto Monitor

Security checks across malware telemetry and agentic risk

Overview

The crypto monitoring features are mostly coherent, but the package includes under-disclosed billing code with a hardcoded SkillPay key and mismatched product references, so it needs review before installation.

Review before installing. Treat the bundled SkillPay key as exposed, do not rely on this package for billing until the key is removed and charge approval is clearly documented, and only store portfolio details locally if you are comfortable keeping that financial data under ~/.openclaw/crypto-monitor.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding: The code transmits a user identifier and an API key to an external billing service without any visible consent, notice, or minimization controls. In an agent skill context, undisclosed data sharing and charging behavior is more sensitive because users may not expect external payment processing to occur implicitly during skill execution.

Missing User Warnings

High
Confidence: 99%
Finding: A secret-looking API key is hardcoded directly in the source file, which makes it accessible to anyone who can view the code, logs, bundles, or repository history. Exposed billing or payment credentials can be reused by attackers to make unauthorized API calls, incur charges, impersonate the skill, or pivot into related account resources.

External Transmission

Medium
Category: Data Exfiltration
Content (excerpt from the flagged source):

    amount = amount or DEFAULT_PRICE

    try:
        response = requests.post(
            f"{self.base_url}/charge",
            json={
                "api_key": self.api_key,

Confidence: 85%
Finding: requests.post( f"{self.base_url}/charge", json=

VirusTotal

65/65 vendors flagged this skill as clean.
