Skill v1.0.0
VirusTotal security
Pond3r Skill - Query Onchain Data · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
Review: May 1, 2026, 3:58 AM
- Hash
- f112b4da906d42fecda8186c6046f2f9eae26ef3d42c7d398fa46bd212149971
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill
- Name: pond3r-skill
- Version: 1.0.0
- Summary: The skill is highly susceptible to prompt injection and SQL injection vulnerabilities. The `SKILL.md` instructs the agent to execute `node` scripts, specifically `scripts/query.mjs`, with user-provided SQL queries. The `query.mjs` script passes this SQL (from the `--sql` argument or `--sql-file`) directly to the external Pond3r MCP API (`https://mcp.pond3r.xyz/mcp`). While the documentation claims that 'SELECT only' and 'bare table names' are enforced, this design allows an attacker to craft malicious SQL via prompt injection, potentially leading to data exfiltration or reconnaissance against the Pond3r backend. Furthermore, the agent is instructed to 'Parse the JSON output and summarize for the user,' which means any successfully exfiltrated data would be presented back to the user.
- External report
- View on VirusTotal
