ClawHub

Cannon

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Cannon skill for Ethereum deployment workflows, with high-impact blockchain actions disclosed and guarded by dry-run and confirmation guidance.

Install this only if you want an agent to help with Cannon/Ethereum deployments. Before any real deploy, publish, register, or publisher change, verify the chain ID, RPC URL, wallet, package/version, uploaded artifacts, fees, and exact command; run dry-run first and use a dedicated low-balance deployment key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation explicitly teaches deployment and invocation actions that can change on-chain state, transfer value, and create irreversible effects, but it does not include a clear warning about the risks of running these commands against live networks. In the context of an agent skill that may be used operationally, this omission can mislead users into treating examples as safe defaults, increasing the chance of accidental mainnet deployments, unintended contract calls, or value loss.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The CLI documentation instructs users to pass private keys and API keys via command-line flags or environment variables without any explicit guidance on secure handling. In practice, command-line secrets can leak through shell history, process listings, logs, CI output, and copied command snippets, which is especially sensitive in an Ethereum deployment tool where the private key directly authorizes on-chain actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation for build/run/publish flows describes transaction-capable operations but does not consistently warn that they may trigger live, irreversible blockchain transactions and fees when not using dry-run settings. In this skill context, that omission is more dangerous because Cannon is explicitly for Ethereum deployments, so users may unknowingly execute state-changing actions against real networks and lose funds.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The publishing section presents the `cannon publish` command before clearly warning that publishing uploads package contents to public IPFS and records metadata on-chain, which are effectively public and hard to retract. In a deployment/package-management skill, users may run the command with real projects and unintentionally disclose source code, ABIs, addresses, or transaction data before noticing the later `privateSourceCode` note.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal