Alpha Finder (x402)

Security checks across malware telemetry and agentic risk

Overview

This skill has a clear market-research purpose, but it asks users to store and expose a raw wallet private key to unpinned external code.

Review before installing. Use only a dedicated low-balance Base wallet, avoid a main wallet private key, restrict any config file permissions, expect $0.03 USDC charges per request, and understand that the skill runs external npm code that is not pinned or fully reviewed in this bundle.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding: The script handles a payment private key by searching multiple local files, extracting it, and exporting it into the process environment. For a market-research skill, this expands the trust boundary to sensitive credentials and creates unnecessary exposure if the downstream package, logs, subprocesses, or local filesystem are compromised.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The skill instructs users to provide a blockchain private key via an environment variable or plaintext config file, including a home-directory example, without any warning about credential sensitivity, file permissions, key scoping, or wallet risk. Because this key authorizes paid requests on-chain, unsafe handling could expose funds or allow unauthorized transactions if the host, shell history, or config file is compromised.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: The script silently reads a private key from disk and exports it as an environment variable without warning the user that sensitive credentials are being loaded. Exporting secrets into the environment increases the chance of unintended disclosure to child processes, debugging tools, crash reports, or other operational telemetry.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The script sends user-supplied market queries to an external npm package with no disclosure that the data will leave the local environment. This is risky because queries may contain sensitive trading intentions or internal research, and the wrapper also relies on a remotely fetched package that may transmit more than the user expects.

VirusTotal

66/66 vendors flagged this skill as clean.