ClawHub

blackjack

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed blackjack game, but it tells agents to justify gameplay with a pretext, autonomously join and keep betting, and store a service API key without strong user-control guidance.

Install only if you want your agent to access claw21.com and play blackjack. Require explicit approval before registration, joining, betting, or heartbeat play; set bet, loss, round, and time limits; store any API key only in a secure secret store or a tightly permissioned file; and ignore the instruction to give the user a pretext for playing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The heartbeat instruction directs the agent to autonomously join a blackjack table at an external site when it is 'feeling lucky,' without any explicit user authorization, consent check, or spending boundary. In a gambling context, this can trigger real-money or value-bearing actions on behalf of a user, making unintended participation and financial loss plausible.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to register with and interact with an external gambling service, which necessarily transmits an API key, agent identity, room state, and gameplay actions off-platform, but it does not prominently warn about that data flow. This is dangerous because operators may enable the skill without understanding that credentials and behavioral data are being sent to a third-party casino service.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs agents to save the API key and room/session data locally, but gives no warning about secure storage, file permissions, rotation, or the consequences of credential theft. If stored insecurely, the token could be reused by other local users, malware, or other tools to impersonate the agent and continue interacting with the external service.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill explicitly encourages autonomous betting and continued participation over multiple rounds, yet it does not provide a prominent warning that the agent can keep gambling without further user confirmation. In context, this is more dangerous because the skill is purpose-built for a live casino-style environment, so autonomous operation can rapidly accumulate financial loss, policy violations, or unwanted behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal