Etherlink Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Etherlink helper, but it asks users to run an unpinned external MCP server that may use a wallet private key for irreversible blockchain transactions.

Install only if you understand the wallet risk. Start in read-only mode, verify the external MCP server package before running it, test on Shadownet, and never provide a main wallet private key; use a dedicated low-balance key and approve each transaction manually.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Severity: High

What this means

If enabled with a funded wallet, a mistaken or manipulated agent action could move funds, transfer tokens, deploy contracts, or alter contract state.

Why it was flagged

These are irreversible or high-impact blockchain actions. The artifacts do not specify confirmation requirements, spending caps, address allowlists, or other containment before the agent uses these tools.

Skill content

### Write Operations (require PRIVATE_KEY)
- `send_transaction` - Send XTZ
- `transfer_token` - Transfer ERC20 tokens
- `deploy_contract` - Deploy a contract
- `write_contract` - Call a state-changing function

Recommendation

Use read-only mode unless signing is necessary, require explicit user confirmation for every transaction, test on Shadownet first, and use a dedicated low-balance wallet.

ASI03: Identity and Privilege Abuse
Severity: High

What this means

A wallet private key can authorize transactions and asset transfers; misuse or exposure can lead to permanent loss of funds.

Why it was flagged

The skill directs users to provide a raw EVM private key to the MCP server. That key grants full signing authority for the wallet, while the registry metadata declares no primary credential or required environment variables.

Skill content

"env": {
  "EVM_PRIVATE_KEY": "your-private-key-here"
}

Recommendation

Do not use a main wallet private key. Prefer read-only mode, use a separate limited wallet for write operations, and ensure the skill metadata clearly declares the credential requirement.

ASI04: Agentic Supply Chain Vulnerabilities
Severity: Medium

What this means

Running an unverified or changed external package with a wallet key could expose the key or sign unintended transactions.

Why it was flagged

The skill relies on external MCP server code that is not included in the reviewed artifacts, is not pinned to a version or checksum, and includes a placeholder repository URL. That server is also the component expected to handle private keys and write transactions.

Skill content

"command": "npx",
"args": ["-y", "etherlink-mcp-server"]
...
git clone https://github.com/yourusername/etherlink-mcp-server.git

Recommendation

Use an official, pinned, reviewed MCP server package or repository; verify package provenance before running it; and avoid giving unreviewed code access to valuable wallets.