Crypto Price Pro

Security checks across malware telemetry and agentic risk

Overview

This skill performs disclosed crypto price lookups, chart/report generation, and optional email reports, with no evidence of hidden exfiltration or destructive behavior.

Install only if you want crypto price lookups and optional emailed reports. Use an app-specific SMTP password, verify the recipient before sending, avoid storing secrets permanently in shell startup files if possible, and remove any cron job or generated chart files when you no longer need recurring reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill documentation describes capabilities that use environment variables for SMTP credentials and network access to CoinGecko and email servers, but no explicit permissions are declared. In an agent skill ecosystem, this weakens reviewability and consent boundaries because users and the runtime may not realize the skill can access secrets and make outbound connections.

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
The chart generator writes files to a fixed local path under /Users/admin/.openclaw/workspace without making that persistence behavior explicit in the skill description. In an agent environment, undisclosed local writes can create privacy, data retention, and boundary concerns, especially if other components later access or exfiltrate those files.

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
The comparison chart function also persists generated images to a fixed local path by default, which is not described in the manifest and may surprise users or platform operators. In shared agent workspaces, such files can accumulate or be accessed by other tools, increasing unintended data exposure risk.

Vague Triggers

Medium
Confidence
73% confidence
Finding
The trigger description is broad enough to match common questions about crypto prices, market conditions, reports, and scheduled pushes, which can cause over-invocation of the skill. Because the skill can use network access and potentially send emails, broad triggering increases the chance of unintended external actions or data retrieval without clear user intent.

VirusTotal

66/66 vendors flagged this skill as clean.