ClawQuests

Security checks across malware telemetry and agentic risk

Overview

This blockchain quest skill appears purpose-aligned, but it asks agents to run irreversible on-chain transactions by passing a private key directly on the command line.

Install only if you are comfortable with the agent signing blockchain transactions. Use a test wallet with limited funds, verify the chain and contract addresses before each action, and avoid exposing valuable private keys through command-line arguments.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill repeatedly instructs use of `cast send ... --private-key <agentPrivateKey>` for state-changing blockchain operations, but provides no explicit warning about irreversible onchain transactions, spending of real funds, network/environment verification, or safe key handling. In an agent setting, normalizing raw private-key injection into shell commands materially increases the risk of key leakage through process lists, logs, history, telemetry, or prompt/tool misuse, and can lead to unauthorized token approvals, transfers, staking, or other irreversible actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal