Bitcoin and Tether on Arkade

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Arkade wallet skill, but it gives agents the direct ability to create wallets and move crypto funds with few safety gates.

Review before installing. Treat this as a hot-wallet skill: keep only small balances reachable by agents, require explicit human approval for every payment, offboard, Lightning payment, or swap, verify the destination and amount out of band before approving, back up wallet data carefully, and do not paste existing private keys into command lines even though stale README examples show `arkade init <private-key-hex>`.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill exposes advanced wallet internals and coin-inspection methods that go beyond the stated send/receive/ramp functionality. In an agent setting, this broadens the capability surface and can enable unreviewed or higher-risk wallet operations, undermining least-privilege expectations for a payment skill.

Context-Inappropriate Capability

High
Confidence: 96%
Finding
Returning the raw Wallet instance effectively hands callers unrestricted access to all wallet capabilities, including operations not intended to be exposed by this skill. That breaks encapsulation and least privilege, allowing downstream code or an LLM agent to invoke sensitive methods outside the documented payment workflow.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README instructs users to initialize a wallet with a raw private key (`arkade init <private-key-hex>` and `SingleKey.fromHex(privateKeyHex)`) without any warning about secret handling, shell history exposure, process-list leakage, logging, or secure key storage. In a cryptocurrency wallet skill, encouraging direct CLI/API use of raw signing keys materially increases the risk of key compromise and total asset loss.

Missing User Warnings

Medium
Confidence: 90%
Finding
The README documents commands that move funds over Arkade, onchain, and Lightning without warning that these actions may be irreversible, subject to network/bridge/swap fees, and unsafe if the destination address or invoice is wrong. For a financial skill, omission of transaction-safety guidance can lead to accidental transfers, loss of funds, or payments to attacker-controlled destinations.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill documents sending BTC, paying Lightning invoices, offboarding onchain, and executing swaps, all of which are financially irreversible or hard to recover from, but it does not include prominent safety guidance to verify recipient addresses, invoice details, chain/token selection, fees, and amounts before execution. In a payments skill, omission of these warnings materially increases the risk of accidental loss through user error, clipboard/address substitution, or chain mismatch.

Missing User Warnings

Medium
Confidence: 88%
Finding
The wallet auto-initializes on first use and writes a newly generated private key to disk without explicit confirmation. In an agent-driven or automated context, a simple read-only command can silently create a persistent wallet state, causing unintended key material generation, hidden fund destinations, and operational confusion for users who did not intend wallet creation.

Session Persistence

Medium
Category: Rogue Agent
Confidence: 86%
Content
/**
 * Create wallet from config, auto-initializing if needed.
 */
async function createWallet() {
  let config = loadConfig();
  if (!config) {
    console.error("No wallet found. Auto-generating a new priv
Finding
The excerpt is cut off mid-line in the scan output, but the visible path is enough: when loadConfig() returns nothing, createWallet() falls through to generating a new key instead of failing, so any command that calls createWallet() can silently create persistent wallet state and key material on disk, which is the auto-initialization behaviour described in the previous finding.

VirusTotal

66/66 vendors flagged this skill as clean.
