usd1 transfer

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate testnet transfer skill, but it needs careful review because it asks for a wallet private key and can send tokens immediately.

Install only if you are comfortable with an agent handling a wallet private key and submitting testnet token transfers directly. Use a disposable testnet wallet, verify the exact token, amount, chain, and recipient outside the skill before invoking it, and avoid any mainnet or reused private key. A safer version would use a wallet or signer flow with explicit user approval instead of raw key input.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill executes a USDC token bridge transfer but reports success as a USD1 transfer, creating a misleading record of what asset was actually moved. In financial transfer code, incorrect asset labeling can cause operator confusion, bad accounting, mistaken approvals, or delayed incident response after an unintended transfer.

Missing User Warnings

High
Confidence: 97%
Finding
This skill accepts a raw private key as input and immediately uses it to sign and submit a cross-chain token transfer, with no confirmation, simulation, policy checks, or explicit user warning. In an agent-skill context, that is especially dangerous because a caller can trigger irreversible fund movement as soon as the skill is invoked, and the skill normalizes passing highly sensitive credentials directly into application inputs.

VirusTotal

64/64 vendors flagged this skill as clean.
