OpenServ Launch

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it enables real Base-mainnet token launches without strong confirmation or webhook safety controls.

Install only if you intentionally want scripts or agents that can launch real Base-mainnet tokens. Before running examples, add a required final human confirmation, secure any webhook trigger, verify the creator wallet and token metadata, and use dedicated wallets and API credentials. Never provide private keys or seed phrases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 94%
Finding
The quick-start example performs a real POST to a mainnet token-launch endpoint and the skill states all tokens are deployed on Base Mainnet, but it does not prominently warn that this triggers irreversible on-chain actions, possible fees, and token creation consequences. In an agent/tooling context, users may copy or automate the example and unintentionally launch a live asset, making the omission materially risky.

Missing User Warnings

Medium
Confidence: 96%
Finding
The agent capability directly forwards user-supplied inputs to the live launch endpoint, enabling autonomous token deployment from natural-language-driven workflows without an explicit confirmation or safety gate. In the context of an agent skill, this is more dangerous than a simple API example because an agent could be induced to perform irreversible mainnet actions, spend funds, or create scam-like assets with minimal friction.

Missing User Warnings

Medium
Confidence: 84%
Finding
The launch capability forwards user-supplied wallet address and token metadata to a third-party API endpoint without an explicit just-in-time disclosure or consent check at the operation site. In an agent setting, this can cause users to unknowingly disclose wallet identifiers and project metadata to an external service, which creates privacy, tracking, and compliance risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The reference describes POST /api/launch as a normal API call but does not clearly warn that it triggers irreversible on-chain token deployment, pool creation, purchase, and LP locking. In an agent skill context, that omission is dangerous because an agent or user may treat this like a harmless metadata operation and unintentionally cause financial loss or permanent blockchain side effects.

VirusTotal

64/64 vendors flagged this skill as clean.
