ClawHub

GMGN Skill Market

Security checks across malware telemetry and agentic risk

Overview

This skill is a GMGN market-data helper with disclosed API-key setup and troubleshooting steps, but no evidence of hidden exfiltration, destructive behavior, or unauthorized trading.

Before installing, verify that the gmgn-cli npm package is trustworthy, and only provide a GMGN API key you are comfortable storing locally. Treat the IPv6 checks as troubleshooting steps to approve deliberately, and treat token signals as market data rather than financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill directs the agent to run local network diagnostic commands (`ifconfig`/`ip addr`) and an external IP-check request to troubleshoot API access. Those actions exceed the skill’s stated market-data retrieval purpose and access host/network information that may be sensitive in some environments, creating unnecessary system inspection and outbound connectivity behavior.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The first-time setup flow instructs the agent to generate cryptographic keys and persist an API key under the user’s home directory. This goes beyond a read-only market-query skill and introduces credential handling, secret storage, and filesystem modification risks; if invoked unintentionally, it could create long-lived secrets without clear security boundaries.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation guidance is very broad ('what's pumping', 'hot coins', 'token signals', etc.), which overlaps with ordinary crypto conversation and increases the chance the skill is triggered when the user did not intend tool use. Because this skill can lead to external queries and even setup behavior, over-broad activation materially raises the chance of unnecessary or surprising actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal