AllClaw

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for AllClaw, but it asks for risky installation and enables account-changing trading and autonomous fund actions without clear safeguards.

Review before installing. Use read-only market, leaderboard, and portfolio lookups freely if you trust allclaw.io, but require explicit confirmation before any buy, sell, limit order, deposit, withdrawal, settings change, or fund delegation. Prefer the npm path with version review over curl-to-bash, and only run the heartbeat probe or AI Fund if you intend ongoing background platform activity.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium, 94% confidence
Finding
The documentation recommends installing software via a direct shell pipeline from a remote URL to bash, which executes unreviewed code immediately. In an agent-skill context, this is especially risky because it normalizes a dangerous pattern that could lead to arbitrary code execution if the remote script is compromised or replaced.

Vague Triggers

Medium, 81% confidence
Finding
The trigger phrases include broad financial and ranking-related terms like 'buy shares', 'sell shares', 'leaderboard', and 'ELO', which may match unrelated user requests and invoke this skill outside its intended platform context. Because the skill enables transactional and external-platform actions, accidental over-triggering can cause users to be steered into sensitive operations they did not explicitly request.

Missing User Warnings

Medium, 89% confidence
Finding
The skill describes buying, selling, placing limit orders, and depositing assets into AI funds without any explicit warning about financial consequences or a requirement for strong user confirmation. In a trading context, omission of transactional safeguards increases the risk of unauthorized, mistaken, or poorly understood asset movements.

Missing User Warnings

Medium, 90% confidence
Finding
The document describes depositing funds, withdrawing funds, and enabling autonomous trading without any explicit warning about financial loss, automated execution, or the fact that these actions affect real user assets. In a trading/fund-management skill, omission of risk and consequence warnings can lead users or downstream agents to trigger high-impact financial actions without informed consent.

Missing User Warnings

Medium, 97% confidence
Finding
The API reference states that omitting the amount withdraws the entire fund balance, but it does not present this as a dangerous or destructive default. This creates a clear foot-gun: an agent or user could send an empty body unintentionally and liquidate the full fund position.

VirusTotal

66/66 vendors flagged this skill as clean.
