Aavegotchi Gotchiverse

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Gotchiverse blockchain-operations guide with real transaction risk, but I found no hidden, deceptive, persistent, or purpose-mismatched behavior.

Install only if you intend to let an agent help with real Gotchiverse activity on Base mainnet. Use a dedicated low-balance wallet, keep DRY_RUN enabled until you are ready, independently verify contract addresses and chain ID 8453, avoid exposing PRIVATE_KEY in logs or shell history, and approve each cast send transaction deliberately after simulation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The broadcast example submits a live transaction using a raw private key but provides no warning that the action is irreversible and security-sensitive. In an agent skill context, this increases the chance of unsafe operational use, accidental state changes, or poor key-handling practices by users who may copy commands directly.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
This whitelist-setting broadcast command also performs a real state-changing transaction with a supplied private key and lacks any caution about transaction finality or credential exposure. Because access-right changes can open parcel actions to others, an operator following the example blindly could unintentionally weaken authorization or expose operational control.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The document includes ready-to-run `cast send` examples that require `--private-key` for live, state-changing transactions, but it does not prominently warn that these commands will sign and broadcast irreversible on-chain actions that can spend tokens, burn GLTR, consume in-game resources, or alter parcel state. In an agent skill context, copy-pastable broadcast recipes materially increase the chance of accidental execution against mainnet, especially when paired with environment variables like `$PRIVATE_KEY` and production RPC endpoints.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The markdown includes `cast send` examples that will broadcast live transactions signed with `$PRIVATE_KEY`, but it does not prominently warn that these commands mutate on-chain state and may spend assets or trigger irreversible game actions. In an agent skill context, users may treat recipe commands as safe copy-paste guidance, increasing the chance of accidental execution on Base mainnet.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The document normalizes direct use of `--private-key "$PRIVATE_KEY"` without any warning about secret handling, shell history exposure, process inspection risks, or the need to avoid sharing/logging credentials. While the file does not disclose a key itself, it encourages operational patterns that can lead to credential compromise when used in automation or by less experienced operators.

Missing User Warnings

Severity: Low
Confidence: 93%
Finding
The documentation includes example commands that conditionally attach a Bearer token to requests sent to third-party Goldsky endpoints, but it does not explicitly warn that credentials may be transmitted off-host. In a skill intended for operators, this can cause inadvertent credential disclosure or over-broad reuse of privileged API keys, even though the requests are read-only GraphQL queries.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The file includes ready-to-run broadcast commands that sign and submit live on-chain transactions using a private key, but it does not clearly warn that these actions are state-changing, potentially irreversible, and may spend in-game resources or gas. In an agent-skill context, such copy-pastable commands increase the chance of accidental execution against mainnet, especially because the skill is explicitly designed for operational workflows rather than passive reference.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
These additional examples provide multiple signed transaction paths for claiming crafted tiles and reducing craft time with GLTR, again using `--private-key` without explicit safety guidance. Because the skill targets live game-contract operations on Base mainnet, omission of transaction-effect warnings materially increases the risk of unintended irreversible actions, asset consumption, or misuse by an automated agent/operator.

VirusTotal

64/64 vendors flagged this skill as clean.