ClawHub

Fuego

Security checks across malware telemetry and agentic risk

Overview

Fuego matches its stated wallet purpose, but it gives agents real-money Solana payment authority with weak confirmation, install, and privacy guardrails.

Install only if you are comfortable reviewing and pinning the external `fuego-cli` code. Use a fresh low-balance wallet, keep the server stopped when not actively needed, and require explicit human approval before every transfer, swap, or x402 purchase, including confirmation of recipient, amount, token, network, product, and any personal data sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The skill explicitly instructs agents to invoke a shell subprocess to perform wallet actions, which expands the attack surface from a constrained skill interface to arbitrary command execution patterns. In a wallet context, encouraging direct shell execution makes misuse easier, especially if untrusted inputs are interpolated into commands or if agents normalize unattended fund movement.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation promotes a non-interactive `--yes` transfer flow for real Solana mainnet funds without a prominent irreversible-funds warning or mandatory human confirmation step. In an agent skill, this materially increases the chance of automated or accidental asset loss because blockchain transfers cannot be rolled back once submitted.

Missing User Warnings

High
Confidence
95% confidence
Finding
The x402 purchase flow collects sensitive personal data including email and full shipping address, but the documentation does not clearly disclose where that data is sent, how it is retained, or what privacy/security guarantees apply. This creates a meaningful privacy and compliance risk because agents may transmit personal information to third-party services without informed consent or data-minimization controls.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal