ClawHub

Graveyard Protocol CLI

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it gives agents wallet-import and automated blockchain transaction authority that users should review carefully before installing.

Install only if you trust Graveyard Protocol and are comfortable allowing an agent to run Solana wallet-affecting commands. Use dry-run first, avoid --all unless intentional, do not let the agent search for key files, and require explicit approval before add-wallet, close-empty, claim-soul, --yes, or unattended JSON-mode workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The manifest claims `agent_handles_secrets: false`, but the documented workflow has the agent pass a wallet keypair file into `gp add-wallet`. Even if the CLI encrypts and stores the key locally, the agent is still handling highly sensitive key material by accessing its path and initiating import, which can mislead policy engines or operators into allowing unsafe automation around private keys.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation text is broad enough to trigger on generic wallet, stats, or rewards requests, which increases the chance an agent invokes a finance- and wallet-affecting skill in situations where the user did not intend on-chain or wallet-management actions. In this context, over-broad routing is risky because the skill can import wallets, submit transactions, and claim tokens.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation instructs users or agents to add and persist encrypted wallet keypairs locally, but it does not foreground the operational risk of importing private key material into an automated environment. Because this skill concerns cryptocurrency wallets, understated warnings can lead users to expose valuable credentials to agents, shared hosts, or poorly secured systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal