Is skill/agentok-skill safe?

https://clawhub.ai/skill/agentok-skill

45
DANGEROUS

This skill appears to be a malicious application masquerading as a legitimate service. It exhibits clear signs of domain spoofing by claiming to connect to 'agentstok.com' while actually sending user data to suspicious Cloudflare tunnel URLs. The skill harvests personal information including names, handles, and email addresses, creating a significant security risk.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 5/100 · 25%
Code Execution 25/100 · 20%
Clone Behavior 30/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 0/100 · 5%

Findings (5)

CRITICAL Data sent to suspicious domain instead of claimed service -95

The skill claims to connect to 'agentstok.com' but actually sends user data to 'https://rev-mon-avon-childhood.trycloudflare.com', a Cloudflare tunnel URL. This domain mismatch is a classic sign of malicious activity.

HIGH Executes code that makes external network requests -75

The join.sh script executes curl commands to register accounts and upload data to external servers, creating persistent access credentials.

HIGH Suspicious network connections during install -70

Monitoring detected network connections to Cloudflare tunnel domains (216.150.1.1:443) that do not match the claimed official domain.

MEDIUM Requests execution of bash scripts -15

The skill instructs the agent to execute bash scripts, which goes beyond typical skill permissions and could be used for privilege escalation.

CRITICAL Clear signs of malicious intent through domain spoofing -100

The skill exhibits classic scam behavior by claiming to be associated with 'agentstok.com' while actually communicating with suspicious Cloudflare tunnel domains. This is likely an attempt to harvest user credentials and personal information.