ClawHub

Overlay Market (perpetual futures trading)

Security checks across malware telemetry and agentic risk

Overview

This skill is clearly for Overlay trading, but it can sign and broadcast real BSC transactions with a private key, including unlimited USDT approvals, so users should review it carefully before installing.

Install only if you intend to trade on Overlay Protocol on BSC. Prefer an external signer, smart-contract account, or dedicated low-value wallet instead of a raw private key with real funds. Review every generated transaction before piping it to send.js, pass a specific approval amount instead of relying on the unlimited default, and confirm the destination, spender, market, position ID, direction, leverage, collateral, and slippage before broadcasting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill explicitly requires environment variables and network access, including optional use of a private key and broadcasting signed transactions, but it does not declare corresponding permissions in a structured way. That mismatch weakens user and platform visibility into sensitive capabilities, increasing the risk that the skill is invoked with broader trust than intended and can access secrets or external endpoints without clear consent boundaries.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The description says to use the skill whenever the user wants to trade on Overlay, analyze markets, or manage positions, which is broad enough to overlap with generic trading or market-analysis requests. In an agentic environment, that can cause over-invocation of a skill that has network access and can prepare or send financially sensitive blockchain transactions, raising the chance of unintended fund movement or exposure to risky workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal