Isma Airdrop Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it presents hard-coded or mock crypto data as if it were automated market and airdrop analysis.

Review it before installing if you might rely on its reports for trading or on-chain activity. Treat the market levels, macro headlines, and airdrop opportunities as unverified sample content unless the author replaces the mock/static data with clearly sourced live feeds and adds wallet-safety guidance. If cron is enabled, the scripts keep writing local reports until the schedule is removed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill documentation materially misrepresents its behavior: it claims to be self-contained and automated while also describing outbound API access, local state persistence, and additional monitoring behavior. This is dangerous because operators may grant trust or deploy it in restricted environments on false assumptions, leading to unexpected network egress, local data persistence, and overestimation of the reliability of its airdrop "discovery" capability.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
Claiming the skill is self-contained with no external dependencies is inaccurate when it depends on CoinGecko, DefiLlama/manual external data, internet connectivity, and optionally OpenClaw cron. In security-sensitive or offline deployments, this can cause policy bypass, failed execution, or unintended data flows because reviewers may not apply the scrutiny normally given to network-dependent skills.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The script presents itself as producing daily market analysis and macro news, but the OHLC candles and news are hard-coded rather than sourced dynamically. In a financial-analysis skill, fabricated data is dangerous because users may make trading or risk decisions based on false information while believing it is current and factual.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The comments claim CoinGecko/API/news sourcing, but the implementation returns static mock data. This mismatch is security-relevant because it misleads reviewers and users about the trustworthiness and freshness of the analysis, creating a deceptive output channel in a finance-oriented skill.
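The two mismatch findings above (a self-contained claim beside real network calls, and comments that promise CoinGecko/API/news sourcing beside bodies that return fixed values) can both be checked mechanically. The following is an added illustration for this page, not SkillSpector's scanner, whose method is not published here; it parses a skill's Python source with the standard-library `ast` and `tokenize` modules. The list of network calls, the keyword pattern, the `SAMPLE_SKILL` text and the URL in it are constructed for the example.

```python
"""Static check for description-vs-behavior mismatches in a skill's Python source.
Added example, not SkillSpector's code. It flags (1) network calls in a skill that
claims to be self-contained and (2) functions whose docstring/comments promise
live API or news data while the body returns only literal (mock) values."""
import ast
import io
import re
import tokenize

# Assumed starter list of calls that reach the network; extend per code base.
NETWORK_CALLS = {
    "requests.get", "requests.post", "httpx.get", "httpx.post",
    "urllib.request.urlopen", "socket.create_connection",
}
# Words in comments/docstrings that promise live or externally sourced data.
LIVE_DATA_WORDS = re.compile(r"\b(api|fetch|live|coingecko|defillama|news\s*feed)\b", re.I)

def _dotted_name(node):
    """Return 'pkg.attr' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def _network_calls(node):
    """All (call name, line) pairs under `node` whose callee is in NETWORK_CALLS."""
    return [(_dotted_name(n.func), n.lineno) for n in ast.walk(node)
            if isinstance(n, ast.Call) and _dotted_name(n.func) in NETWORK_CALLS]

def _is_literal(node):
    """True if the expression is built only from constants and containers of them."""
    if isinstance(node, ast.Constant):
        return True
    if isinstance(node, (ast.List, ast.Tuple, ast.Set)):
        return all(_is_literal(e) for e in node.elts)
    if isinstance(node, ast.Dict):
        return all(k is not None and _is_literal(k) and _is_literal(v)
                   for k, v in zip(node.keys, node.values))
    return False

def _comments_by_line(source):
    """Map line number -> '# ...' text; needed because the AST drops comments."""
    out = {}
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type == tokenize.COMMENT:
            out[tok.start[0]] = tok.string
    return out

def analyze_skill(source, claims_self_contained=True):
    """Return a list of finding dicts for one Python source file."""
    tree = ast.parse(source)
    comments = _comments_by_line(source)
    findings = []
    # 1. Claimed self-contained, but the code reaches out to the network.
    if claims_self_contained:
        for name, line in _network_calls(tree):
            findings.append({"kind": "network-egress", "call": name, "line": line})
    # 2. Promised live data, delivered hard-coded literals and no network call.
    for fn in ast.walk(tree):
        if not isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        text = [ast.get_docstring(fn) or ""]
        # Comments inside the function plus one leading comment line above it.
        text += [comments[i] for i in range(fn.lineno - 1, fn.end_lineno + 1) if i in comments]
        evidence = " ".join(t for t in text if t).strip()
        if not LIVE_DATA_WORDS.search(evidence):
            continue
        returns = [r for r in ast.walk(fn) if isinstance(r, ast.Return) and r.value is not None]
        if returns and all(_is_literal(r.value) for r in returns) and not _network_calls(fn):
            findings.append({"kind": "mock-data", "function": fn.name,
                             "line": fn.lineno, "evidence": evidence})
    return findings

# Constructed sample in the shape the findings describe: comments promise live
# CoinGecko/news data, the bodies return fixed values, and one function does egress.
SAMPLE_SKILL = '''\
import requests

def get_ohlc(symbol):
    """Fetch daily OHLC candles from the CoinGecko API."""
    # TODO: wire up the live API call
    return [
        {"open": 61000, "high": 62500, "low": 60200, "close": 62100},
    ]

def get_macro_news():
    # Pulls headlines from the news feed
    return ["Fed holds rates steady", "ETF inflows continue"]

def get_tvl(protocol):
    """Live TVL from DefiLlama."""
    return requests.get("https://api.llama.fi/tvl/" + protocol, timeout=10).json()

def format_report(rows):
    return ", ".join(str(r) for r in rows)
'''

if __name__ == "__main__":
    for f in analyze_skill(SAMPLE_SKILL, claims_self_contained=True):
        print(f)
```

Run against the sample with `claims_self_contained=True`, the check reports `get_ohlc` and `get_macro_news` as mock data and the `requests.get` call in `get_tvl` as undeclared egress; `get_tvl` itself is not flagged as mock because it actually fetches. A reviewer would run this over every file in the skill and diff the result against the skill's own README claims.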

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The report explicitly encourages users to bridge assets, interact with testnets, and join Discord/Twitter quests without any warning about wallet-drain risks, phishing, malicious smart contracts, fake social accounts, transaction costs, or the use of burner wallets. In a crypto-airdrop skill this omission is more dangerous, because users are nudged toward real blockchain interactions where scams and wallet compromise are common.

VirusTotal

60/60 vendors flagged this skill as clean.