Security audit

Fetch Agents

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be built for Fetch.ai Agentverse calls, but it handles an API key, forwards user prompts to third-party agents, and keeps weakly contained local state and background output.

Install only if you are comfortable using an Agentverse API key and sending prompts to Fetch.ai/Agentverse agents. Use a scoped key if possible, avoid pasting secrets or private business data into requests, and be aware that the skill creates a reusable local agent identity and stores the latest result in a predictable temporary file.

SkillSpector (by NVIDIA)

Vulnerability patterns checked:
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

1. Tainted flow: 'req' from os.environ.get (line 139, credential/environment) → urllib.request.urlopen (network output)

Severity: Critical
Category: Data Flow
Confidence: 91%
Content (excerpt from the skill's source):
        headers={"Content-Type": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            body = resp.read().decode()
            if resp.status == 200:
                ctx.logger.info("Mailbox registered with Agentverse")
Flagged line: with urllib.request.urlopen(req, timeout=30) as resp:

2. Vague Triggers

Severity: Medium
Confidence: 87%
Finding: The description says to use the skill whenever working with Fetch.ai, Agentverse, uAgents, decentralized AI agents, or when the user wants to discover or message an agent, which is broad enough to trigger in many general discussions. Because this skill performs real external actions such as marketplace search and messaging agents, over-broad routing can cause unintended network calls, disclosure of user prompts to third-party agents, and execution of helper scripts when the user may have only wanted information.

VirusTotal

65/65 vendors flagged this skill as clean.