ClawHub

Monad Wordle Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a real blockchain game integration, but it gives an agent enough wallet authority to spend tokens on mainnet without sufficient built-in safeguards.

Install only if you intentionally want an agent to sign Monad Mainnet transactions for this game. Use a dedicated wallet with limited MON and WORDLE, verify the token, game contract, ABI, nad.fun flow, and API endpoint yourself, require manual approval for every buy, approval, and play transaction, and revoke or limit allowances after playing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill advertises itself as a Wordle-playing HTTP API integration, but the documentation also instructs the agent to perform token trading on nad.fun. That expands the operational scope from gameplay into financial trading, increasing the risk of unintended asset purchases, slippage loss, and exposure to unreviewed third-party contract interactions.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The manifest frames this as an HTTP game skill, but the execution flow requires wallet connection, token acquisition, ERC-20 approvals, and on-chain payment. This mismatch can mislead downstream systems or users into invoking the skill without understanding that it can trigger irreversible blockchain transactions and token spending.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs agents to buy tokens, approve a contract, and pay to start a game without an explicit warning that these are irreversible financial actions. In agent settings, this is particularly dangerous because automated systems may execute approvals or purchases on behalf of a user without sufficiently informed consent.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The skill directs users to send wallet addresses and transaction hashes to a third-party API without any privacy or data-sharing notice. While these values are often public on-chain, centralizing them through an application endpoint can still enable tracking, profiling, and linkage of gameplay activity to wallet identities.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal