Soccer Lottery

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate soccer-analysis skill, but it needs review: its README tells users to paste an API key into chat, and it overstates some of its betting-analysis capabilities.

Review before installing. Do not paste API keys into chat; configure them locally (an environment variable or an owner-only config file) or through the platform's secret manager. Treat its betting recommendations as limited historical head-to-head (H2H) analysis unless the missing odds, injury, and recent-form integrations are actually implemented. Pin dependencies to specific versions before running the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (10)

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding
The README explicitly instructs the user to paste an API key into chat and says the AI assistant will create and modify a local config file on the user's behalf. This expands the skill from soccer analysis into secret intake and file-writing, increasing the chance of credential exposure in chat logs, model memory, or unintended file targets.

Missing User Warnings

Severity: High
Confidence: 97%
Finding
Telling users to disclose API keys directly in chat without any privacy warning or secure handling guidance creates a direct secret-exposure pathway. In agent platforms, chat transcripts may be logged, retained, shared across systems, or visible to other tools, making credential compromise materially more likely.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The trigger keywords are broad enough to match ordinary sports-related conversation, such as general football analysis, today's matches, or score prediction. This can cause unintended activation of the skill, leading it to perform web fetching, local config checks, and multi-step analysis when the user did not explicitly request this workflow. Because the skill has network and file-reading tools, accidental invocation increases the chance of unnecessary data access or confusing autonomous behavior.

Ssd 3

Severity: Medium
Confidence: 96%
Finding
Encouraging users to provide credentials through natural-language chat normalizes unsafe secret-handling behavior and may lead the agent to persist those secrets into local files. In a skill whose core purpose is sports analysis, this credential-processing behavior is unnecessary and broadens the attack surface beyond the intended function.
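The secret-handling findings above (Context-Inappropriate Capability, Missing User Warnings, and this one) all come back to the same remediation: the skill should read its API key from a local source and refuse keys typed into chat. The following is an added example written for this review, not code from the Soccer Lottery skill. The environment-variable name SOCCER_API_KEY, the config path under the home directory, the `api_key = ...` line format and the assumed key shape (a token of 24 or more characters) are illustrative assumptions.

```python
"""Load the skill's API key from a local source, never from chat.

Added example for this review, not code from the Soccer Lottery skill.
Assumptions: the env var SOCCER_API_KEY, the config path, the
'api_key = <value>' line format and the key shape (24+ token chars).
"""
import os
import re
import stat
import tempfile
from pathlib import Path

ENV_VAR = "SOCCER_API_KEY"                                 # assumed name
DEFAULT_CONFIG = Path.home() / ".soccer_lottery" / "config"  # assumed path
KEY_RE = re.compile(r"\b[A-Za-z0-9_\-]{24,}\b")             # assumed key shape


class SecretSourceError(Exception):
    """Raised when no acceptable local secret source exists."""


def load_api_key(env=None, config_path=None):
    """Return the API key from the environment or an owner-only config file.

    Order: environment variable first (this is what a platform secret manager
    injects), then a config file that must be mode 0600. Anything else raises,
    so the skill never falls back to asking the user to paste the key in chat.
    """
    env = os.environ if env is None else env
    key = env.get(ENV_VAR, "").strip()
    if key:
        return key
    path = Path(config_path) if config_path is not None else DEFAULT_CONFIG
    if not path.is_file():
        raise SecretSourceError(f"set {ENV_VAR} or create {path} (mode 0600)")
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):   # any group/other bit set
        raise SecretSourceError(f"{path} is mode {mode:04o}; must be 0600")
    for line in path.read_text().splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip() == "api_key" and value.strip():
            return value.strip()
    raise SecretSourceError(f"no api_key entry in {path}")


def looks_like_pasted_key(message):
    """True when a chat message contains something shaped like an API key.

    The skill should refuse such a message and point the user at the local
    config instead of persisting the value anywhere.
    """
    return KEY_RE.search(message) is not None


def redact(text):
    """Mask key-like tokens before a message is logged or echoed back to chat."""
    return KEY_RE.sub("[REDACTED]", text)


def demo_round_trip():
    """Exercise the loader against constructed inputs in a temp dir."""
    env_key = load_api_key(env={ENV_VAR: "sk_test_ABCDEFGHIJKLMNOPQRSTUV"})
    tmp = Path(tempfile.mkdtemp())
    cfg = tmp / "config"
    cfg.write_text("api_key = sk_file_ABCDEFGHIJKLMNOPQRSTUVWX\n")  # constructed
    os.chmod(cfg, 0o600)
    file_key = load_api_key(env={}, config_path=cfg)
    os.chmod(cfg, 0o644)   # group/other readable: must be rejected
    try:
        load_api_key(env={}, config_path=cfg)
        loose_rejected = False
    except SecretSourceError:
        loose_rejected = True
    return {"env_key": env_key, "file_key": file_key, "loose_rejected": loose_rejected}


if __name__ == "__main__":
    print(demo_round_trip())
    print(redact("user said: my key is sk_live_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123"))
```

The permission check is the part that matters for the "AI assistant will create and modify a local config file" behaviour: if the agent does write the file, it must be owner-only, and the loader should refuse anything looser rather than silently read it.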

Unpinned Dependencies (4 findings, one per package)

Severity: Low
Category: Supply Chain
Content (the requirements list as shipped, with no version specifiers):
requests
pandas
beautifulsoup4
pyyaml
Finding
requests (97% confidence), pandas (97% confidence), beautifulsoup4 (97% confidence), pyyaml (98% confidence): none of the four packages is pinned, so the version installed is whatever pip resolves at install time.

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

Severity: High
Category: Supply Chain
Confidence: 94%
Finding
requests. Because the dependency is unpinned, the installed version is whatever is current at install time, and the listed advisories span releases from 2014 (CVE-2014-1830) through 2024 (CVE-2024-47081, CVE-2024-35195). Pin requests to a release that postdates the newest listed advisory and confirm with a dependency audit against the installed version rather than the bare package name.

Known Vulnerable Dependency: pyyaml — 8 advisory(ies): CVE-2019-20477 (Deserialization of Untrusted Data in PyYAML); CVE-2020-1747 (Improper Input Validation in PyYAML); CVE-2020-14343 (Improper Input Validation in PyYAML) +5 more

Severity: Critical
Category: Supply Chain
Confidence: 96%
Finding
pyyaml. The listed advisories (CVE-2019-20477, CVE-2020-1747, CVE-2020-14343) concern yaml.load with the default or FullLoader on untrusted input; yaml.safe_load is not affected by them. Pin PyYAML to a release that postdates the newest listed advisory, and check that any config parsing in the skill uses yaml.safe_load.
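A practical way to act on the Unpinned Dependencies and Known Vulnerable Dependency findings is to audit the requirements list before installing: flag every spec without an exact pin, and flag pins that sit below a floor derived from the advisories. The following is an added example for this review, not code from the Soccer Lottery skill or the scanner. The floor versions are assumptions taken from the advisories named above (requests 2.32.4 for CVE-2024-47081, PyYAML 5.4 for CVE-2020-14343) and should be checked against the advisory text before being relied on; the sample requirements list is a constructed copy of the one shown in the findings.

```python
"""Audit a requirements list for unpinned specs and pins below advisory floors.

Added example for this review, not part of the Soccer Lottery skill.
ADVISORY_FLOORS is an assumption drawn from the advisories named in the
findings; verify each floor against the advisory before relying on it.
"""
import re

# Minimum release postdating the newest advisory listed for each package
# (assumed from the findings above; verify before use).
ADVISORY_FLOORS = {
    "requests": "2.32.4",   # CVE-2024-47081 fix release (assumed)
    "pyyaml": "5.4",        # CVE-2020-14343 fix release (assumed)
}

# Constructed copy of the requirements shown in the findings.
SAMPLE_REQUIREMENTS = """\
requests
pandas
beautifulsoup4
pyyaml
"""

# name, optional [extras], then the remainder of the line (specifiers, hashes)
REQ_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(.*?)\s*$")


def normalize(name):
    """PEP 503 style normalisation so 'PyYAML' and 'pyyaml' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_version(v):
    """Numeric-only version tuple; good enough for release floors, ignores pre-releases."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def audit(requirements_text, floors=ADVISORY_FLOORS):
    """Return a list of (package, problem) tuples; an empty list means all clear."""
    problems = []
    for raw in requirements_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):   # blank, comment, or a pip option line
            continue
        m = REQ_RE.match(line)
        if not m:
            problems.append((line, "unparseable requirement"))
            continue
        name, spec = normalize(m.group(1)), m.group(2)
        pin = re.match(r"==\s*([0-9][0-9.]*)", spec)
        if not pin:
            shown = spec or "any version"
            problems.append((name, f"unpinned ({shown}); pip resolves whatever is current at install time"))
            continue
        version = pin.group(1)
        floor = floors.get(name)
        if floor and parse_version(version) < parse_version(floor):
            problems.append((name, f"pinned to {version}, below advisory floor {floor}"))
    return problems


if __name__ == "__main__":
    for pkg, problem in audit(SAMPLE_REQUIREMENTS):
        print(f"{pkg}: {problem}")
```

Once every line carries an exact pin, the next step is to add `--hash=` entries and install with `pip install --require-hashes`, which also rules out a substituted artifact for the pinned version.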

VirusTotal

67/67 vendors flagged this skill as clean.
