GoldRush Foundational API

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate GoldRush API reference skill, but it needs Review because it can route sensitive wallet lookups and API keys to an external service with weak privacy and secret-handling guidance.

Install only if you are comfortable with the agent sending selected wallet addresses, domains, token contracts, and potentially xpub-style identifiers to GoldRush/Covalent. Use a restricted API key from secure configuration, avoid putting keys in URLs or conversation-visible prompts, and direct the agent to query only the specific addresses and endpoints needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The workflow doc for this REST-only skill includes WebSocket/streaming troubleshooting, including a streaming URL and auth guidance, which conflicts with the manifest's stated boundary that streaming use cases belong to a different skill. This can cause an agent to select the wrong capability, mishandle user requests, or expose credentials to an unintended endpoint/class of service, creating confusion and increasing the chance of insecure integration mistakes.

Vague Triggers

Medium
Confidence: 84%
Finding
The skill description repeatedly frames this skill as the default choice for a very broad set of blockchain-related tasks, which can cause over-activation and unnecessary routing of user requests to this integration. In an agent environment, overly broad activation increases the chance of needless external API use and expansion of data exposure beyond what is required for the user’s task.

Missing User Warnings

Medium
Confidence: 84%
Finding
These endpoints encourage users to submit wallet addresses and token contract addresses to a third-party API but do not warn that doing so can reveal holdings, transaction history, and investigative intent to the provider. In a blockchain-data skill, that omission is materially relevant because addresses are often pseudonymous rather than truly anonymous, and aggregating lookups can deanonymize users or expose sensitive financial relationships.

Missing User Warnings

High
Confidence: 96%
Finding
Submitting an xpub/ypub/zpub can expose the full set of derived child addresses, balances, and transaction history for an HD wallet, yet the documentation presents this as a normal parameter without a strong warning. In this skill's context, that is especially dangerous because the API is specifically designed to aggregate portfolio and transaction data, so disclosure of an extended public key can enable broad financial surveillance and long-term wallet correlation.

Missing User Warnings

Medium
Confidence: 88%
Finding
This documentation exposes powerful address-activity, approvals, balances, and transaction-history endpoints that can be used to profile wallets across chains, but it does not warn users that blockchain addresses may still be privacy-sensitive even though the underlying data is public. In a skill intended for broad agent use, that omission increases the risk of silent deanonymization, cross-chain tracking, and over-collection of user data by downstream applications.

Missing User Warnings

Low
Confidence: 87%
Finding
The guide tells users to authenticate with a Bearer token and obtain an API key, but does not warn that the key is a secret that must not be embedded in client-side code, prompts, or logs. In an LLM/agent context, omission of secret-handling guidance increases the chance that developers hardcode credentials or expose them in user-visible traces, leading to credential leakage and unauthorized API use.

Missing User Warnings

Medium
Confidence: 94%
Finding
The suggested system prompt tells agents to send an Authorization header but does not state that the API key is sensitive and must never be disclosed to users, conversation history, tool outputs, or logs. For agent integrations, this omission is risky because prompts often get reused verbatim and can normalize unsafe credential handling patterns.

Missing User Warnings

Low
Confidence: 84%
Finding
The WebSocket example includes a literal API key placeholder in connection parameters without warning against hardcoding real secrets in source code. While placeholders are common in docs, in practice developers frequently copy examples directly, which can lead to embedded credentials in repositories or client applications.

Missing User Warnings

Low
Confidence: 80%
Finding
The troubleshooting guidance tells users to share their API key prefix with support but does not explicitly warn them not to send the full key. In support workflows, ambiguous wording can result in accidental disclosure of live credentials through email or tickets, enabling unauthorized access if mishandled.

Missing User Warnings

Medium
Confidence: 97%
Finding
The documentation explicitly shows passing the API key in a URL query string, which is dangerous because URLs are commonly captured in browser history, reverse proxy logs, analytics systems, referer headers, and support tooling. Even if HTTPS is used, the secret can still be exposed through operational logging and downstream systems, increasing the chance of credential leakage.

External Transmission

Medium
Category: Data Exfiltration
Content
Include your API key as the `key` query parameter in the request URL.

```bash
curl -X GET "https://api.covalenthq.com/v1/eth-mainnet/address/demo.eth/balances_v2/?key=YOUR_API_KEY_HERE"
```

## Error Handling
Confidence: 95%
Finding
https://api.covalenthq.com/

VirusTotal

61/61 vendors flagged this skill as clean.
