ClawHub
Back to skill

Security audit

ABI-to-MCP: The Web3 Skill Architect

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it can use a raw wallet private key to make high-impact ERC-20 transactions without enough safety guidance.

Install only if you understand ERC-20 transactions and can use a dedicated low-value wallet key rather than a main wallet. Before any write call, manually verify the network, contract address, recipient or spender, amount, gas, and approval impact; token transfers, approvals, minting, and burns can have permanent financial consequences.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill exposes write-capable ERC-20 operations such as transfer, approve, transferFrom, mint, and burn without any warning that blockchain transactions are value-affecting, may be irreversible once confirmed, and can grant spending authority or destroy tokens. In the context of an agent skill, this omission is dangerous because a user may invoke powerful state-changing actions with real assets or permissions without understanding the consequences.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs users to configure a PRIVATE_KEY but provides no warning about secret-handling, storage, scope, or the financial risk of exposing a signing key. Because this skill can perform token write operations, compromise or misuse of the private key could enable unauthorized transfers, approvals, minting, or burning through the connected account.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal