Crypto Social Intel

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed crypto social-sentiment skill that makes read-only remote MCP lookups and shows no local execution, persistence, or account-changing behavior.

Install only if you are comfortable with crypto market-research prompts being sent to the Antalpha MCP service. Treat outputs as informational, not investment advice, and avoid sharing private portfolio details, wallet secrets, API keys, or other sensitive financial information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 91%
Finding
The activation metadata includes many broad natural-language triggers such as 'market sentiment,' 'which tokens are trending,' and related Chinese phrases. This can cause the skill to activate on general market discussion and steer the agent into using external tools unexpectedly, increasing the chance of scope hijacking or irrelevant tool use.

Vague Triggers

Medium
Confidence: 89%
Finding
The behavior rules use short activation cues like 'market sentiment,' 'mention surge,' and 'fear greed' that are too generic for safe routing. In an agent system, these phrases can match ordinary user conversation and trigger external MCP calls without sufficiently clear user intent.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The message template is written as the default presentation format in Chinese, which can override the user's language preference. This is a policy and UX risk because the skill may force responses into an unexpected language, reducing clarity around financial disclaimers and outputs.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
The required disclaimers are specified only in Chinese even though the skill supports English triggers and use cases. English-speaking users may not understand latency and data-quality caveats, which is especially problematic in a crypto decision-support context.

VirusTotal

66/66 vendors flagged this skill as clean.
