Security audit

Eth Payment

Security checks across malware telemetry and agentic risk

Overview

This is a local Ethereum payment-link and QR-code generator with disclosed dependencies, but users should verify addresses, token contracts, and amounts before using generated links.

Reasonable to install for local payment-link generation, but treat output as a draft: verify recipient addresses, token contract addresses, network, and amount in the wallet before sharing or paying. Prefer a virtual environment for the pip packages, and avoid using Ethereum DAI links until the malformed token address is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 83%
Finding: The skill declares no permissions, but its documented installation and execution steps clearly rely on shell execution (`pip install`, `python3 ...`) and file access for reading configuration and writing QR image files. This creates a permission-model mismatch: an agent or platform may treat the skill as lower risk than it actually is, leading to unreviewed command execution or filesystem interaction.

Intent-Code Divergence

Severity: Medium
Confidence: 92%
Finding: The payment-link generator accepts any 42-character string starting with 0x, without verifying that the remaining characters are valid hexadecimal or that the address is checksum-valid. This can produce malformed payment requests that fail in wallets or, worse, normalize user trust around invalid destination data in a payment workflow.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.