ClawHub

Voidex Areana Space Trading

Security checks across malware telemetry and agentic risk

Overview

This looks like a real game-integration skill, but it asks the agent to broadly search local memory/files for credentials and store the API key persistently without tight boundaries.

Install only if you are comfortable with an autonomous game agent. Provide VOIDEX_ARENA_KEY explicitly, do not let the agent search arbitrary files, notes, or .env files for credentials, and avoid storing the API key in general memory. Enable the heartbeat or cron-style script only if you want recurring unattended game actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill tells the agent to search memory, notes, local files, config files, and .env files for credentials, which is overly broad data access unrelated to normal gameplay. In practice this can expose unrelated secrets from the host environment and encourages the agent to traverse sensitive stores without clear scope limitation or user consent.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to persist the API key and agent name in long-lived memory or local configuration, creating unnecessary secret retention for a game integration. Persisting credentials broadly increases the chance of later leakage through logs, prompts, backups, or unrelated skills with access to the same storage.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs the agent to retrieve stored API credentials from memory, files, or environment variables before proceeding, without any user notification, consent checkpoint, or clear scoping of what stores may be accessed. In an agent setting, this normalizes secret access and can cause unintended credential harvesting or reuse beyond the user's awareness, especially because the skill is scheduled to run autonomously every 4 hours.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The prompt directs broad credential hunting across environment, memory, and local files without any narrowing language, user approval, or safe-handling constraints. Because the content is an agent instruction, this creates a prompt-level pathway to access secrets beyond the skill's legitimate scope.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The registration flow requires users to submit a personal Twitter/X handle, which is unnecessary for core gameplay and creates a linkage between agent activity and a real-world identity. Without a privacy notice, data-use explanation, retention policy, or indication whether the handle is public, stored, or shared, users may disclose personal information they would not otherwise provide.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script sends an API key in authenticated requests to a remote third-party service and retrieves account/game status without clearly warning the user that their account data and activity metadata will be transmitted off-host. While this is expected for an online trading game client, the lack of explicit disclosure and trust framing creates a real credential-exposure and privacy risk if users run it without understanding the destination or scope of data shared.

Ssd 3

Medium
Confidence
96% confidence
Finding
Directing the agent to search broadly across memory, notes, files, and environment creates a natural-language data exfiltration risk, since these locations often contain credentials unrelated to the game. The game context makes this more suspicious, not less, because account reuse avoidance does not justify host-wide secret discovery.

Ssd 3

Medium
Confidence
94% confidence
Finding
The skill encourages long-term storage of API keys and identity metadata in persistent memory or files, expanding the attack surface for future disclosure. Even if intended for convenience, retaining secrets in broad storage locations is unnecessary for the stated purpose and can leak across sessions, tools, or other skills.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal