ClawHub

Hedera Data API

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only crypto data skill with disclosed external API examples and no local code execution, though users should treat the optional ClawSwarm registration as an external account/profile action.

Safe to install for public Hedera and crypto market data lookups. Before using the ClawSwarm registration command, confirm you want to create an external agent or wallet-related profile and do not provide secrets, private keys, or personal credentials unless you have separately verified the service and intended that action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill is presented as a passive Hedera analytics API, but it also instructs users to register an agent with a separate ClawSwarm service to obtain a wallet, reputation, and coordination features. This is a scope expansion into identity/onboarding and external platform enrollment that a user would not reasonably expect from a data-only skill, increasing the risk of unintended data disclosure, account creation, and trust abuse.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The manifest advertises Hedera token analytics, but the skill later broadens into a CoinGecko bridge covering 18,000+ non-Hedera assets. This undocumented expansion undermines least surprise and can cause agents to interact with broader external services and data domains than the declared scope, weakening user trust and review assumptions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal