Blockchain Analysis

Security checks across malware telemetry and agentic risk

Overview

This appears to be a documentation-style Blockscout API skill with expected credential and endpoint guidance risks, not hidden or destructive behavior.

Install only if you intend to use Blockscout APIs. Store any API key in an environment variable or secret store, do not paste or commit it, and ask the agent to avoid authenticated watchlist endpoints unless you specifically want account-scoped data used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Medium (83% confidence)
The skill description is extremely broad and marked as mandatory, which can cause the agent to invoke this skill for a wide range of ordinary blockchain requests unrelated to its narrow operational guidance. That creates an unnecessary routing and trust surface: more user requests get exposed to skill instructions and external-service workflow constraints than needed, increasing the chance of mis-selection, policy interference, or unsafe overreach in downstream tool use.

Missing User Warnings

Medium (90% confidence)
The index documents `/api/v2/transactions/watchlist` without any warning that it is tied to an authenticated user's watchlist data. In a skill that explicitly guides tool usage before Blockscout calls, this omission can cause an agent or user to invoke account-scoped endpoints without understanding they may expose personalized data, creating a privacy and least-privilege issue rather than direct code execution risk.

Missing User Warnings

Medium (90% confidence)
The index lists `/api/v2/main-page/transactions/watchlist` without disclosing that it accesses the current authenticated user's watchlist activity. Because this skill is positioned as mandatory pre-guidance for blockchain queries, the missing warning increases the chance of accidental collection or disclosure of private, account-linked information during routine analysis workflows.

Missing User Warnings

Low (88% confidence)
The documentation explicitly includes `apikey` and especially `key` parameters described as a secret for restricted resources, but it provides no warning about treating them as secrets, avoiding logs, or keeping them out of shared code and prompts. In a skill intended to guide API and script usage, this omission can normalize insecure handling of credentials and lead users or downstream agents to expose secrets in URLs, source files, telemetry, or chat transcripts.

Missing User Warnings

Medium (92% confidence)
The documentation explicitly describes a `key` parameter as a secret used to access restricted resources, but provides no warning about secure handling, transmission, storage, or redaction. In a skill that guides agents and users on how to call Blockscout APIs, this omission can lead to secrets being placed in URLs, logs, scripts, examples, or shared outputs, increasing the likelihood of credential exposure and unauthorized access.

Missing User Warnings

Medium (83% confidence)
The documentation repeatedly advertises a `key` parameter described as a secret key for restricted resources, but provides no warning about safe credential handling. In a skill whose purpose is to guide tool calls and script writing, this increases the chance that users or generated code will place secrets in URL query strings, logs, shell history, source files, or other insecure locations, leading to credential leakage.

Missing User Warnings

Medium (90% confidence)
The documentation repeatedly exposes a `key` parameter described as a secret key for restricted resources, but provides no warning about secure handling, storage, or transmission of that credential. In a skill intended to guide agents and users on using Blockscout APIs, this can normalize passing sensitive secrets in requests or logs, increasing the chance of credential leakage through code samples, terminal history, telemetry, or shared scripts.

Missing User Warnings

Medium (84% confidence)
The documentation explicitly lists both `apikey` and especially `key` as request parameters for restricted resources without any warning about secret handling, storage, redaction, or safe transmission. In a skill meant to guide agents and script generation, this increases the risk that downstream code will embed secrets in URLs, logs, examples, or generated scripts, leading to credential leakage and misuse of restricted API access.

VirusTotal

66/66 vendors flagged this skill as clean.
