ClawHub

BitNow

Security checks across malware telemetry and agentic risk

Overview

This instruction-only OpenBytes skill mostly matches its API workflow purpose, but it gives unsafe guidance for handling wallet private keys and troubleshooting responses that may expose credentials.

Review before installing. Do not let an agent generate, display, store, or paste wallet private keys or seed phrases. Use a wallet you control through trusted wallet software, redact Authorization headers, API keys, session tokens, signatures, and secret fields before sharing troubleshooting output, and manually verify gateway, chain ID, token, and contract addresses before approving deposits or linking wallets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill goes beyond describing OpenBytes API workflows by instructing users to generate a new blockchain wallet and print the private key to stdout. That expands the skill into secret generation and handling, which materially increases the chance that an agent exposes or stores highly sensitive credentials in logs, terminal history, chat transcripts, or telemetry.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
Including private-key generation/handling guidance is not necessary for API-based OpenBytes operations and normalizes unsafe secret exposure practices. If followed by an agent or user, the generated wallet key could be immediately compromised through console output, shell history, notebook logs, CI logs, or copied troubleshooting transcripts, leading to wallet takeover and loss of funds or identity.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The sample code prints a newly generated private key directly, but does not warn about terminal capture, shell history, process monitoring, screen sharing, cloud notebook persistence, or agent conversation logging. Because private keys are bearer secrets for blockchain accounts, any exposure can enable irreversible asset theft and account impersonation.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Requesting the full HTTP response during troubleshooting without instructing users to redact authentication material can cause session tokens, API keys, wallet signatures, addresses, or other sensitive fields to be shared into chats, tickets, or logs. In this skill, those values are directly usable bearer credentials or replay-relevant artifacts, so disclosure meaningfully increases compromise risk.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal