Openclaw Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate paid market-data and AI API skill, but it gives agents broad wallet-funded spending authority without strong per-call controls.

Install only if you intend to let an agent spend USDC for API calls. Use a dedicated low-balance Base wallet, verify the external SDK/package source, require confirmation before paid or multi-call workflows, and avoid sending secrets, private wallet data, personal data, or confidential trading information to the AI endpoints.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill requires a wallet private key and repeatedly emphasizes low per-call cost, but the quick-start flow does not clearly warn that every invocation can authorize real USDC payments on Base mainnet. This creates a meaningful risk of unintended financial loss because users may treat the key like a normal API credential rather than a live spending authority.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The examples encourage pasting fetched data and arbitrary user content into third-party AI endpoints, but they do not warn that prompts and attached content may be transmitted to external model providers. This can lead to privacy leaks or disclosure of proprietary trading data, user secrets, or other sensitive information if agents forward data blindly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal