ClawHub

Solana + Polymarket + X Wallet Agent

Security checks across malware telemetry and agentic risk

Overview

This wallet and trading skill mostly matches its stated purpose, but it needs review because setup exposes the master wallet password and the package contains high-impact automated trading behavior.

Review carefully before installing. Use only wallets funded with amounts you are willing to risk, start scanners in dry-run mode, and do not run the setup script in shared terminals or CI because it prints the master encryption password. Rotate the master password if it has already appeared in logs, and verify any live trade or X posting request before allowing execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The setup script prints the master encryption password directly to stdout, which can be captured by shell history, terminal scrollback, CI logs, remote session logging, or shoulder-surfing. Because this password is explicitly described as the root secret protecting wallet private keys, disclosure can enable decryption of the stored master key and compromise all encrypted wallet material.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The file implements an always-on pump.fun listener and automated trading loop, yet the declared skill description emphasizes wallet management, Polymarket arbitrage, social posting, and Raydium swaps rather than autonomous pump.fun memecoin trading. This capability mismatch is dangerous because users may invoke or install the skill without understanding that it can continuously monitor tokens and execute real trades, increasing the risk of unintended financial loss from hidden or under-disclosed behavior.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal