cetus

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Cetus DeFi SDK skill; its financial transaction examples are expected for the stated purpose but should be handled carefully.

Install this only if you want an agent to reference Cetus SDK documentation. Treat every transaction, swap, burn, DCA, and wallet-signing example as potentially real financial activity: use testnet first, verify network, token amounts, pool or position IDs, slippage, and recipient or contract addresses, pin package versions where possible, and never provide a private key or approve signing unless you understand the exact transaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The Burn SDK section documents permanent liquidity lock operations and mentions irreversibility, but it does not give a strong, explicit safety warning about permanent loss of access to the underlying position. In a DeFi skill, users may copy examples directly, so understated warnings can lead to irreversible asset loss through misunderstanding rather than technical compromise.

Missing User Warnings

Medium
Confidence: 84%
Finding
The examples show direct transaction submission with a signing key, which can trigger real on-chain asset movement if copied into a live environment. Without an explicit warning about mainnet execution, wallet key handling, and financial consequences, this increases the risk of accidental trades or transfers by users or downstream agents.

Missing User Warnings

Medium
Confidence: 89%
Finding
The fastRouterSwap example performs a signed swap using discovered routes, but the surrounding text does not clearly warn about live trading risk, slippage loss, MEV/price movement, or route validation. In a swap aggregator context, users may assume the 'fast' path is safe by default and execute value-bearing trades without understanding the market and execution risks.

VirusTotal

42/42 vendors flagged this skill as clean.