Crypto limit orders — gasless, non-custodial

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only crypto trading skill, but users must review wallet approvals, signed orders, recipients, and relay submission carefully because real funds can be affected.

Install only if you understand EVM approvals and signed orders. Before signing or submitting, verify the chain, relay URL, contract/spender, token addresses and decimals, amount and maxAmount, recipient, slippage, deadline, recurrence settings, and cancellation path. Avoid unlimited (max uint256) approvals unless you deliberately accept that the spender contract can move your entire balance of that token later, in exchange for repeat-use convenience.
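The checklist above can be turned into a mechanical gate that runs on the order payload before any wallet signature is requested. The following Python validator is an added example, not code from the skill, the scanner, or any protocol: the payload field names (chainId, relayUrl, spender, input/output, approvalAmount, deadline, recurrence), the relay URL, and every address are constructed placeholders, and POLICY is an allowlist the user would fill from sources verified out of band (block explorer, protocol documentation), never from the skill's own examples. It goes beyond the single-order case by budgeting recurring orders on their worst-case total.

```python
"""Pre-signing gate for a gasless limit-order payload (added example, not the
skill's or any protocol's code; all field names, URLs and addresses are
constructed placeholders)."""
import re
from decimal import Decimal
from typing import Optional

MAX_UINT256 = 2**256 - 1
_ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")
NOW = 1_700_000_000  # fixed "current time" so the example is deterministic


def norm_addr(addr: str) -> str:
    """Reject anything that is not 0x + 40 hex chars and lowercase it so allowlist
    lookups are case-insensitive (EIP-55 checksum casing is not verified here)."""
    if not isinstance(addr, str) or not _ADDR_RE.match(addr):
        raise ValueError(f"malformed address: {addr!r}")
    return addr.lower()


def human(raw: int, decimals: int) -> str:
    """Render a raw token integer as a decimal string without float rounding."""
    return str(Decimal(raw).scaleb(-decimals))


def validate_order(order: dict, policy: dict, now: Optional[int] = None) -> list:
    """Return every reason not to sign; an empty list means all checks passed."""
    now = NOW if now is None else now
    problems = []
    try:
        spender = norm_addr(order["spender"])
        swapper = norm_addr(order["swapper"])
        recipient = norm_addr(order["output"]["recipient"])
        tok_in = norm_addr(order["input"]["token"])
        tok_out = norm_addr(order["output"]["token"])
    except ValueError as exc:
        return [str(exc)]  # malformed addresses: nothing else is worth checking

    if order["chainId"] not in policy["chain_ids"]:
        problems.append(f"chainId {order['chainId']} is not an allowed chain")
    relay = order["relayUrl"]
    if not relay.startswith("https://") or relay not in policy["relay_urls"]:
        problems.append(f"relay {relay} is not an allowlisted https endpoint")
    if spender not in policy["spenders"]:
        problems.append(f"spender {spender} is not a known contract")

    for label, tok, want in (("input", tok_in, order["input"]["decimals"]),
                             ("output", tok_out, order["output"]["decimals"])):
        known = policy["tokens"].get(tok)
        if known is None:
            problems.append(f"{label} token {tok} is not allowlisted")
        elif known["decimals"] != want:
            problems.append(f"{label} token {known['symbol']} has {known['decimals']} "
                            f"decimals, payload says {want}")

    amount, max_amount = order["input"]["amount"], order["input"]["maxAmount"]
    if not 0 < amount <= max_amount:
        problems.append(f"amount {amount} must be > 0 and <= maxAmount {max_amount}")

    # Recurring / multi-fill orders multiply exposure: budget on the worst case.
    executions = max(1, int((order.get("recurrence") or {}).get("executions", 1)))
    total = max_amount * executions
    approval = order["approvalAmount"]
    if approval == MAX_UINT256:
        if not policy["allow_unlimited_approval"]:
            problems.append("approval is unlimited; spender could move the whole balance later")
    elif approval < total:
        problems.append(f"approval {approval} cannot cover {executions} fill(s) of {max_amount}")
    known_in = policy["tokens"].get(tok_in)
    if known_in and total > known_in["max_exposure"]:
        problems.append(f"worst-case exposure {human(total, known_in['decimals'])} "
                        f"{known_in['symbol']} exceeds policy cap")

    if recipient != swapper:
        problems.append(f"output.recipient {recipient} != swapper: proceeds would be redirected")
    if order["slippageBps"] > policy["max_slippage_bps"]:
        problems.append(f"slippage {order['slippageBps']} bps exceeds policy max")
    deadline = order["deadline"]
    if deadline <= now:
        problems.append("deadline has already passed")
    elif deadline - now > policy["max_deadline_seconds"]:
        problems.append(f"deadline is {deadline - now}s out, longer than policy allows")
    return problems


# Constructed placeholders: chain ids are illustrative, addresses and the relay URL are fake.
SPENDER, SWAPPER, ATTACKER = "0x" + "11" * 20, "0x" + "cc" * 20, "0x" + "dd" * 20
USDC, WETH = "0x" + "aa" * 20, "0x" + "bb" * 20
POLICY = {
    "chain_ids": {1, 8453},
    "relay_urls": {"https://relay.example.invalid/api/order"},
    "spenders": {SPENDER},
    "tokens": {USDC: {"symbol": "USDC", "decimals": 6, "max_exposure": 5_000 * 10**6},
               WETH: {"symbol": "WETH", "decimals": 18, "max_exposure": 2 * 10**18}},
    "max_slippage_bps": 50, "max_deadline_seconds": 7 * 24 * 3600,
    "allow_unlimited_approval": False,
}
GOOD_ORDER = {
    "chainId": 8453, "relayUrl": "https://relay.example.invalid/api/order",
    "spender": SPENDER, "swapper": SWAPPER,
    "input": {"token": USDC, "decimals": 6, "amount": 1_000 * 10**6, "maxAmount": 1_000 * 10**6},
    "output": {"token": WETH, "decimals": 18, "recipient": SWAPPER},
    "approvalAmount": 1_000 * 10**6, "slippageBps": 30, "deadline": NOW + 3600,
}
# The same order after a hostile or careless edit: wrong chain, payout redirected,
# unlimited approval, month-long deadline, ten recurring fills.
BAD_ORDER = {**GOOD_ORDER, "chainId": 56, "approvalAmount": MAX_UINT256,
             "deadline": NOW + 30 * 24 * 3600, "recurrence": {"executions": 10},
             "output": {**GOOD_ORDER["output"], "recipient": ATTACKER}}

if __name__ == "__main__":
    for name, order in (("good", GOOD_ORDER), ("bad", BAD_ORDER)):
        print(name, validate_order(order, POLICY) or "OK to sign")
```

The gate refuses to return a single boolean: every violated check is reported, so a user can see that a payload which redirects `output.recipient` also carries an unlimited approval and a multiplied exposure, rather than stopping at the first failure. The relay check is an exact allowlist match rather than a prefix or substring match, since a lookalike host is the cheapest way to capture a signed payload.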

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 80%
Finding
This README describes signing orders, token transfers, execution windows, and settlement flows without a prominent warning that these actions can lead to irreversible on-chain transactions and financial loss. In a DeFi trading skill context, missing risk disclosure materially increases the chance that users authorize spending or trading behavior they do not fully understand, especially given multi-fill and recurring order semantics.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The examples explicitly tell users to copy and modify signed relay payload shapes for crypto orders, but provide no safety guidance about irreversible on-chain execution, signature handling, or the financial consequences of submitting malformed or attacker-controlled parameters. In a crypto trading skill, this is more dangerous than generic example data because users may treat the examples as production-ready and submit orders with real funds, incorrect recipients, wrong chain IDs, unsafe deadlines, or reused signatures.

Missing User Warnings

Severity: Low
Confidence: 90%
Finding
The documentation explicitly notes that changing `output.recipient` is dangerous, but it does not explain the concrete consequence: funds from executed orders may be sent to an unintended or attacker-controlled address instead of the swapper. In a crypto order-building skill, ambiguous guidance around a payout address is materially risky because downstream agents or users may override the default without understanding that this can redirect settlement proceeds.

Missing User Warnings

Severity: Medium
Confidence: 80%
Finding
The skill instructs users to submit signed order data to a third-party relay endpoint but does not explicitly warn that order details and signatures are being transmitted off-device to an external service. In a crypto trading context, this can expose sensitive trading intent, wallet linkage, and signed payloads to relay operators or intermediaries, which has privacy and operational risk even if the relay is expected for the protocol.

VirusTotal

63/63 vendors flagged this skill as clean.
