Onchain CLI

Security checks across malware telemetry and agentic risk

Overview

This crypto CLI skill matches its stated purpose, but users should review it because it relies on an external npm tool and asks for sensitive exchange API credentials without clear read-only safety guidance.

Install only if you trust the @cyberdrk/onchain npm package. Use newly created read-only Coinbase/Binance keys with trading and withdrawals disabled, protect the config file, avoid sharing raw balances or trade history in logs, and assume wallet and transaction lookups may be sent to the listed third-party providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 90%
Finding
The README explicitly promotes wallet, portfolio, and exchange history commands that retrieve sensitive financial/account data, but it provides no warning about privacy implications, local output handling, or the risk of exposing balances and trading history to logs, terminals, agent memory, or downstream tools. In an AI-agent integration context, this omission is more dangerous because agents may invoke these commands automatically and serialize the results into JSON, increasing the chance of unintended disclosure.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly handles sensitive financial data such as wallet balances, portfolio holdings, transaction history, and centralized exchange account data, but it does not include a clear user-facing privacy warning or consent boundary. This increases the risk that an agent may query or expose highly sensitive financial information without adequately informing the user about what data is accessed, stored, or transmitted to third-party providers.

VirusTotal

66/66 vendors flagged this skill as clean.
