MegaETH AI Developer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate MegaETH developer guide, but it gives live blockchain transaction guidance with too few safety gates for actions that can move real funds.

Install only if you want an agent to assist with MegaETH blockchain development and you are prepared to review every on-chain action manually. Before any transfer, swap, bridge, approval, raw transaction, or deployment, verify chain ID, RPC URL, wallet, recipient, contract, spender, amount, gas, nonce, and slippage; prefer testnet, simulation or dry runs, and exact-amount approvals over max approvals or confirmation-bypassing commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
93% confidence
Finding
The README gives agents concrete prompts to perform wallet transfers, swaps, and bridging, but does not pair them with any warning that these actions can move real funds, are often irreversible, and may require explicit user confirmation. In an agent-skill context, examples strongly shape behavior, so this omission increases the risk that an AI assistant treats high-impact financial operations as routine automation rather than sensitive actions.

Vague Triggers

Medium
89% confidence
Finding
The skill description is broad enough to match generic wallet, transaction, and deployment requests without clearly requiring that the user is specifically working on MegaETH. That can cause the agent to invoke this skill in unrelated Ethereum contexts and apply MegaETH-specific assumptions such as chain IDs, gas behavior, RPC methods, or transaction flows where they do not belong.

Vague Triggers

Medium
92% confidence
Finding
The activation guidance enumerates common task categories like wallet setup, transactions, token operations, frontend work, and deployment without defining exclusion criteria. In an agent setting, this increases the chance of over-triggering on routine blockchain tasks and can steer users toward MegaETH-specific RPCs, gas rules, and operational practices in the wrong environment, producing unsafe or incorrect actions.

Missing User Warnings

Medium
95% confidence
Finding
The file provides ready-to-run `cast send` and `forge script --broadcast --skip-simulation` commands that can cause immediate on-chain state changes and potential fund loss, but it does not warn users that these actions are irreversible, may spend real assets, and should be validated against the intended network and addresses first. In a developer skill focused on wallet operations, deployment, and transaction submission, this omission is more dangerous because users are likely to copy-paste commands directly into production workflows.

Missing User Warnings

Medium
76% confidence
Finding
The latency section explicitly recommends pre-signing multiple transactions and pipelining them for instant submission, but omits safeguards around user consent, nonce drift, stale assumptions, duplicate broadcast, and the fact that pre-signed payloads are transferable bearer artifacts. In an agent skill focused on wallet operations and transaction sending, this can normalize unsafe automation patterns that may lead to unintended fund movement or replay of prepared transactions.

Missing User Warnings

Medium
91% confidence
Finding
The CLI example sends funds with `--yes`, which suppresses an interactive confirmation for an irreversible transfer. In a wallet-operations skill, users may copy-paste commands directly, so removing the confirmation step materially increases the chance of accidental loss from mistyped recipient addresses, wrong amounts, or use in the wrong environment.

Missing User Warnings

Medium
92% confidence
Finding
This ERC20 transfer example also uses `--yes` to bypass confirmation for a token send, which is similarly irreversible. The surrounding skill is specifically about wallet and token operations, making copy-paste execution likely; that context increases the practical risk of accidental token loss.

VirusTotal

66/66 vendors flagged this skill as clean.
