ClawHub

Pet Operator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Aavegotchi petting-delegation helper with local bookkeeping changes, not hidden credential theft or automatic asset movement.

Before installing, understand that the generated approval transaction delegates AAI petting rights on Base, while ownership remains with you. Verify the destination contract, operator address, network, and decoded calldata in your wallet or a trusted explorer before signing. Review PET_ME_CONFIG_FILE before running add/remove scripts, since they persistently edit local pet-me-master bookkeeping and create backup files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The script is named and documented as removing a delegated wallet record, but it also deletes matching entries from the broader `wallets` list. In this skill, that creates an integrity risk because an operator intending to revoke delegation bookkeeping could unintentionally remove a normal wallet record and alter unrelated pet-me-master configuration state.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The misleading header comment understates the script's behavior, which can cause operators or downstream agents to trust it for delegated-wallet cleanup while it also removes general wallet records. In an automation context, this kind of documentation/behavior mismatch is dangerous because users may approve execution based on the comment and not detect the broader config modification.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README documents scripts that update pet-me-master tracking configuration but does not clearly warn users that these actions perform persistent bookkeeping changes outside simple approval checking or transaction generation. This can mislead operators into running commands with side effects they did not expect, causing unintended config mutations, stale delegation records, or incorrect operational state that could affect downstream automation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document provides step-by-step instructions for signing an on-chain transaction with a fixed destination address and raw calldata, but it does not tell users to independently verify the contract address, function, network, and decoded parameters before signing. In a crypto workflow, missing this warning materially increases the chance of users blindly approving irreversible transactions, especially if the document is copied, modified, or consumed out of context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal