Silke Manifold

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: use a Manifold API key to search markets and make user-directed Manifold trades.

Install only if you are comfortable giving this skill a Manifold API key. Use --dry-run before bets, manually verify contract IDs, amounts, outcomes, and answer IDs, and keep the API key scoped to Manifold rather than reusing broader credentials. Review or remove any local data/.env file near the skill so unintended variables are not loaded.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 85%
Finding: The skill invokes a Python script that uses an API key from the environment and performs network operations, but the skill manifest does not declare explicit permissions for those sensitive capabilities. This creates a trust and enforcement gap: a user or platform may underestimate the skill's access, and a trading-oriented skill can trigger real account actions against an external service using stored credentials.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill exposes state-changing trading operations that can place bets, sell positions, and cancel orders immediately against a live Manifold account, but it provides no built-in confirmation gate, safety interlock, or mandatory dry-run behavior. In an agent setting, this materially increases the risk of accidental financial actions from misunderstood prompts, prompt injection through upstream context, or simple user error.

VirusTotal

65/65 vendors flagged this skill as clean.
