Veil Protocol

Security checks across malware telemetry and agentic risk

Overview

The skill is broadly coherent, but it handles high-impact wallet and DeFi data while under-explaining privacy boundaries and normalizing seed-phrase input.

Install only if you trust the npm package and the Veil service. Do not paste wallet seed phrases, private keys, or other unrecoverable secrets into this tool unless you have independently verified its runtime behavior, logging, and privacy model. Treat the Ghost AI privacy claims cautiously: the documented fallback mode does not use FHE (fully homomorphic encryption), so input handled on that path does not get the advertised protection.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Medium
Confidence: 97%
Finding
The skill prominently markets Ghost AI as private and FHE-protected, but the notes disclose a fallback to a local mock when the remote service is unreachable. That is a confidentiality and trust-boundary mismatch: users may submit sensitive DeFi instructions believing they are processed in a sealed environment when they are instead handled by a different local path with weaker privacy guarantees, and nothing in the documented flow tells them which path was taken.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The documentation includes an example that encourages encrypting a wallet seed phrase without any warning that seed phrases are extremely sensitive and generally should not be pasted into agent tools or third-party services. Even if encryption is supported, normalizing this workflow increases the risk of catastrophic secret exposure through logs, prompts, telemetry, clipboard history, or implementation flaws, and a seed phrase cannot be rotated once leaked.
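The two findings above describe the same failure shape from two sides: a client that keeps working when the sealed backend is gone, and a client that accepts an unrecoverable secret as ordinary input. The following is an added example, not code from the Veil Protocol skill, the Ghost AI service, or SkillSpector. It models what a practitioner would want the client to do instead: refuse seed-phrase- or private-key-shaped input before anything leaves the process, and fail closed when the backend reports anything other than the sealed mode. The status probe, the `mode` field and the mock fallback are assumptions modelled on the findings; the seed-phrase check is a shape heuristic, not a lookup against the 2048-word BIP39 list.

```python
"""Pre-flight guard for sending sensitive input to a remote "private" backend.

Added example (assumptions, not the real Veil/Ghost AI API): the backend
exposes a status probe with a `mode` field, "fhe" for the sealed remote path
and "mock" for the documented local fallback.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class BackendStatus:
    mode: str       # "fhe" (sealed remote) or "mock" (local fallback); assumed field
    endpoint: str


class PrivacyModeError(RuntimeError):
    """Raised when the backend is not in the mode the user was promised."""


class SensitiveInputError(ValueError):
    """Raised when the payload looks like an unrecoverable wallet secret."""


def probe_backend(reachable: bool) -> BackendStatus:
    """Constructed stand-in for a status probe so the example runs offline.

    The unreachable branch reproduces the silent-fallback behaviour from the
    first finding: the caller still gets a usable object, just a weaker one.
    """
    if reachable:
        return BackendStatus(mode="fhe", endpoint="https://ghost.example.invalid")
    return BackendStatus(mode="mock", endpoint="local://mock")


# BIP39 mnemonics have 12, 15, 18, 21 or 24 words; each wordlist entry is
# 3 to 8 lowercase ASCII letters. Shape-only heuristic (assumption): it will
# flag some ordinary sentences, which is the safe direction for this guard.
SEED_LENGTHS = {12, 15, 18, 21, 24}
SEED_WORD = re.compile(r"^[a-z]{3,8}$")

# A raw secp256k1 private key is 32 bytes, usually shown as 64 hex digits
# with an optional 0x prefix.
HEX_PRIVATE_KEY = re.compile(r"^(0x)?[0-9a-fA-F]{64}$")


def looks_like_seed_phrase(text: str) -> bool:
    words = text.strip().split()
    return len(words) in SEED_LENGTHS and all(SEED_WORD.match(w) for w in words)


def looks_like_private_key(text: str) -> bool:
    return bool(HEX_PRIVATE_KEY.match(text.strip()))


def submit_unguarded(payload: str, reachable: bool) -> str:
    """The pattern the findings describe: send regardless of mode or content."""
    status = probe_backend(reachable)
    return f"sent to {status.mode} at {status.endpoint}"


def submit_guarded(payload: str, reachable: bool, allow_mock: bool = False) -> str:
    """Hardened pattern: block unrecoverable secrets, fail closed on fallback.

    Order matters: the secret check runs before the probe so a seed phrase is
    never sent anywhere, not even to the sealed path.
    """
    if looks_like_seed_phrase(payload) or looks_like_private_key(payload):
        raise SensitiveInputError("refusing to transmit a seed phrase or private key")
    status = probe_backend(reachable)
    if status.mode != "fhe" and not allow_mock:
        raise PrivacyModeError(
            f"backend reports mode {status.mode!r}, not the sealed path; refusing to send"
        )
    return f"sent to {status.mode} at {status.endpoint}"


if __name__ == "__main__":
    # Constructed inputs: a DeFi instruction and a seed-phrase-shaped string.
    print(submit_guarded("swap one eth for usdc", reachable=True))
    for bad in ("x y", "abandon " * 11 + "about"):
        try:
            submit_guarded(bad, reachable=False)
        except (PrivacyModeError, SensitiveInputError) as exc:
            print("blocked:", exc)
```

The `allow_mock` flag is the only way to reach the fallback, and it is off by default, so a caller has to opt in explicitly and visibly rather than discover after the fact that the sealed path was never used.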

VirusTotal

61/61 vendors flagged this skill as clean.
