DECK-0

Security checks across malware telemetry and agentic risk

Overview

The skill is a transparent DECK-0 crypto collectibles integration, but users must treat buy and open actions as real wallet transactions.

Install only if you intend to let an agent interact with DECK-0 using a crypto wallet. Prefer runtime wallet approval prompts, avoid storing a main-wallet private key in DECK0_PRIVATE_KEY, use a low-balance wallet for fallback signing, and require explicit confirmation before any buy, open, or publisher-submission action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium, 95% confidence
Finding
The example instructs the agent/operator to execute a value-bearing on-chain transaction with `cast send`, `--value`, and `--private-key` but does not include an explicit warning that real funds will be spent, the action is irreversible, and the key must be handled securely. In an agent skill context, examples are often operationalized directly, so this omission can cause users or agents to trigger unintended blockchain transactions with financial loss.

Missing User Warnings

Medium, 92% confidence
Finding
The pack-opening flow also directs use of a private key to broadcast an on-chain transaction without clearly warning that it is irreversible and may consume gas. Even if the financial cost is lower than a purchase, normalizing direct key-based transaction submission in examples increases the chance an agent or user executes unintended blockchain actions.

Missing User Warnings

Medium, 92% confidence
Finding
The example instructs use of a raw private key from an environment variable to directly sign irreversible on-chain transactions, but it does not prominently warn about secret handling, transaction finality, or the risk of sending real funds on mainnet. In the context of a collectible/NFT purchasing skill, users may copy-paste and run this script against production wallets, increasing the chance of credential exposure, accidental spending, or unintended asset transfers.

VirusTotal

64/64 vendors flagged this skill as clean.
