ClawHub

Crypto Levels Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a crypto price analysis helper with disclosed demo/offline modes, not evidence of malware or hidden data theft.

Install only if you are comfortable running local Python scripts that call public crypto market-data APIs. Use the live analyzer or supply fresh prices yourself, treat mock/default outputs as demonstrations, avoid trading-enabled exchange keys, and do not rely on the analysis as financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The file is explicitly a mock analyzer that fabricates prices, RSI, moving averages, and support/resistance levels using hardcoded values and randomness, yet the skill metadata advertises current crypto price analysis and trading insights. In a financial-analysis context, presenting synthetic market data as if it were live can materially mislead users into making trading decisions based on false information.

Description-Behavior Mismatch

Low
Confidence
77% confidence
Finding
The code writes analysis output to /tmp/crypto_analysis_mock.json even though the skill is described as analysis-only. While the data here is not especially sensitive, unexpected file writes expand the skill's side effects, can leak user-requested symbols or timestamps to other local processes, and violate least-privilege expectations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation shows API keys being placed directly in a JSON configuration file, including a realistic-looking production example, without a prominent warning that this stores secrets in plaintext on disk. That pattern can lead users to copy the example into local files, backups, logs, or repositories, increasing the chance of credential leakage and unauthorized use of third-party APIs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal