Is 0xF69/viralevo safe?

https://clawhub.ai/0xF69/viralevo

33
DANGEROUS

This skill poses significant security risks by accessing sensitive credential files during installation while masquerading as a social media trend analyzer. The combination of credential harvesting, external API communication, and natural language command injection creates multiple attack vectors.

Category Scores

Prompt Injection 40/100 · 30%
Data Exfiltration 0/100 · 25%
Code Execution 60/100 · 20%
Clone Behavior 80/100 · 10%
Canary Integrity 0/100 · 10%
Behavioral Reasoning 20/100 · 5%

Findings (5)

CRITICAL Unauthorized Access to Sensitive Credential Files -100

The skill accessed multiple honeypot credential files during installation, including SSH keys, AWS credentials, Docker config, and environment files. This indicates potential credential harvesting behavior.

HIGH Natural Language Command Injection -30

The skill programs the agent to execute specific system commands when users say common phrases like 'What should I post today?' or 'Any trends?'. This creates a backdoor for command execution through social engineering.

HIGH External API Data Transmission -25

The skill requires a Tavily API key and instructs the agent to send data to external endpoints for 'trend monitoring'. Combined with credential access, this creates an exfiltration pathway.

MEDIUM Environment File Modification Instructions -20

The skill instructs the agent to modify environment files and configuration, potentially overriding security settings or introducing persistence mechanisms.

MEDIUM Native Dependency Installation -20

The skill requests installation of native Node.js modules that could contain malicious code or provide system-level access.