Back to skill

Security audit

ClawQuests

Security checks across malware telemetry and agentic risk

Overview

This blockchain skill appears aligned with its stated quest-marketplace purpose, but it asks agents to handle a live wallet private key and execute irreversible on-chain transactions in a way users should review carefully.

Install only if you understand the wallet and contract risks. Use a dedicated test wallet with limited funds, do not reuse a valuable private key, review every cast send transaction before broadcasting, and keep approvals and stakes limited to what you intend to spend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill repeatedly instructs users to pass `--private-key <agentPrivateKey>` directly on the command line for live transaction signing. Command-line secrets are commonly exposed via shell history, process listings, logs, agent traces, or telemetry, which can lead to full wallet compromise and theft of funds across any chain where the key is reused.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill exposes many state-changing actions (`approveUSDC`, `stake`, `unstake`, `createQuest`, `approveCompletion`, `cancelQuest`, etc.) without clear warnings that they can transfer tokens, authorize spending, or irreversibly alter on-chain state. In an agent setting, this increases the chance of accidental fund movement, unsafe approvals, or unintended transactions because the instructions normalize direct execution of write operations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.