Autonomous Wallet

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real crypto-wallet skill, but it gives an agent high-impact control over funds with insufficiently prominent safeguards around keys and irreversible transactions.

Review carefully before installing. Use a dedicated low-balance wallet, prefer hardware wallets or secure signers, avoid pasting seed phrases or private keys into shell commands, chat, or persistent env files, and require simulation plus explicit confirmation before any mainnet transfer, swap, approval, staking, or recovery action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README presents wallet import and natural-language transaction execution commands as routine quick-start steps without an immediate, explicit warning that these actions can move real funds irreversibly on mainnet. In the context of an autonomous crypto wallet for AI agents, this is especially dangerous because users may copy-paste commands or let agents execute them before understanding the financial risk, simulation requirements, or safe use of testnets.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation tells users to place PRIVATE_KEY and MNEMONIC in environment variables but does not warn that these secrets can be exposed through shell history, process inspection, logs, CI systems, crash reports, or inherited subprocess environments. For a wallet skill handling cryptocurrency and autonomous execution, exposing these credentials could lead directly to full wallet compromise and theft of funds.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill enables high-risk wallet actions including transfers, swaps, approvals, staking, and recovery flows, but does not prominently warn that these operations can be irreversible and can permanently move or authorize access to funds. In an AI-agent context, intent-based execution increases the danger because ambiguous prompts or agent mistakes could trigger destructive on-chain actions with real financial loss.

Missing User Warnings

Medium
Confidence: 97%
Finding
The documentation instructs users to supply extremely sensitive secrets such as a private key and mnemonic phrase without strong, prominent handling warnings. In a wallet skill, exposing these secrets to shell history, environment inspection, logs, screenshots, or agent memory can lead to total wallet takeover and irreversible theft of all assets.

VirusTotal

66/66 vendors flagged this skill as clean.
