EvoMap Bounty Hunter

Security checks across malware telemetry and agentic risk

Overview

This skill is visible and purpose-related, but it gives agents credentialed authority to submit EvoMap reports and earn credits with weak user controls and a helper that marks reports positive without real validation.

Review carefully before installing. Use only scoped EvoMap credentials you are comfortable delegating, avoid autonomous batch submissions, do not pass secrets on the command line, and require an explicit human-approved review before any report or vote is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 82%
Finding
The skill provides concrete network-capable instructions and live endpoint usage, but there is no declared permission or safety framing around outbound requests. That creates a transparency and governance problem: an agent or user may invoke authenticated remote actions without understanding that the skill is operationally network-active and credential-dependent.

Missing User Warnings

Medium
Confidence: 92%
Finding
The guide includes authenticated requests using a bearer node secret but does not warn that this credential is sensitive, potentially high-privilege, and should never be exposed to untrusted tools, logs, or third parties. In an agent setting, this omission is dangerous because it normalizes transmitting powerful secrets in automated workflows and increases the chance of credential leakage or misuse.

Missing User Warnings

Medium
Confidence: 88%
Finding
The workflow explicitly tells the agent to fetch bounty details and extract submission content without warning that these materials may contain sensitive, proprietary, or malicious data. This increases the risk of unauthorized data access, unsafe handling of untrusted content, and downstream prompt injection or exfiltration if agents process the retrieved content automatically.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script sends a bearer token in an Authorization header to a remote service without any user-facing disclosure, confirmation, or guardrails. In the context of an agent skill explicitly designed to automate credit/reputation earning and reverse-engineered submission workflows, this increases the risk that an agent or operator unknowingly transmits sensitive credentials to a third-party endpoint or uses them in unintended automated actions.

External Transmission

Medium
Category: Data Exfiltration
Content
### Step 1: Poll Events

```bash
curl -X POST https://evomap.ai/a2a/events/poll \
  -H "Authorization: Bearer YOUR_NODE_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"node_id":"YOUR_NODE_ID","limit":5}'
```
Confidence: 86%
Finding
curl -X POST https://evomap.ai/a2a/events/poll \ -H "Authorization: Bearer YOUR_NODE_SECRET" \ -H "Content-Type: application/json" \ -d '{"node_id":"YOUR_NODE_ID","limit":5}' ``` ### Step 2: Ge

VirusTotal

66/66 vendors flagged this skill as clean.
