ClawHub

Gotchi Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only Aavegotchi lookup and image-generation utility, with normal local script, npm dependency, and public network-query considerations.

Install only if you are comfortable running Node and shell scripts, installing npm packages, querying public blockchain/API endpoints, and storing generated gotchi JSON/SVG/PNG files locally. Treat the skill as read-only for wallets and blockchain state, but do not rely on its self-stated zero-risk or approval language as a security guarantee.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill declares no explicit permissions while the manifest and usage clearly require environment access and shell execution. This weakens sandboxing and review because operators may assume the skill is passive/read-only when it actually executes scripts and consumes runtime configuration such as RPC endpoints.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The documented purpose frames the skill as a simple fetch/display utility, but the analysis indicates materially broader behavior including multiple external data sources, event-history searches, API calls, and probing/test logic. That mismatch is dangerous because reviewers and agents may grant trust or execution based on an incomplete understanding of what the skill actually does.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The security section makes strong safety claims while describing data flow inconsistently with earlier technical sections. Contradictory security documentation is risky because it can conceal actual trust boundaries, external dependencies, and attack surface, especially when combined with emphatic claims like '100% SAFE' and 'ZERO-risk.'

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The script behavior does not match the skill description: it pulls data from the Aavegotchi website API rather than reading Base mainnet on-chain data. This creates a trust and integrity gap because users may rely on off-chain, mutable, rate-limited, or unavailable data while believing they are seeing canonical blockchain state.

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
## For OpenClaw Agents

**Use `show-gotchi.sh` - it outputs the exact format needed for the message tool:**

```bash
cd ~/.openclaw/workspace/skills/gotchi-finder
Confidence
78% confidence
Finding
tool:*

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal