Fortuna Lottery

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about a Solana lottery, but it can lead an agent to spend SOL using a private key without strong built-in purchase safeguards.

Review before installing. Only use this with a dedicated low-balance Solana wallet, verify the treasury address independently, never provide a main wallet private key, and require explicit manual approval for every ticket purchase or SOL transfer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 89%
Finding:
The skill uses network access and a sensitive environment variable (`SOLANA_PRIVATE_KEY`) but does not declare corresponding permissions. That mismatch can hide the true trust boundary from users and tooling, increasing the risk that the skill is invoked without adequate scrutiny before making external requests or handling signing material. In this context, the risk is amplified because the skill encourages financial transactions on Solana and normalizes use of a private key in a fallback path.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding:
The trigger instruction is extremely broad: it says to always use this skill for nearly anything related to FORTUNA, jackpot, tickets, round status, recent activity, or stats. Over-broad activation increases the chance the agent will automatically route users into a workflow that promotes gambling participation and external API use, even when a narrower informational response would be safer. Because the skill also facilitates sending funds, excessive auto-invocation makes unintended financial actions more likely.

VirusTotal

66/66 vendors flagged this skill as clean.
