evm-analyst

Security checks across malware telemetry and agentic risk

Overview

This is a read-only blockchain analysis skill with a narrow external lookup disclosure gap, but no hidden code, persistence, credential access, or destructive behavior.

Install only if you are comfortable using external blockchain analytics and signature lookup services. For sensitive investigations, avoid submitting addresses, transaction hashes, or topic hashes whose association with your work must remain private, and review the registered Dune queries before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The documentation explicitly states that when the local topic0 dictionary misses, the skill will query the OpenChain Signature Database API. That behavior expands the skill beyond the declared 'fixed registered Dune queries only' scope and can cause unreviewed outbound network access, creating both policy drift and data egress risk.

Description-Behavior Mismatch

Medium
Confidence: 98%
Finding
The skill metadata says it uses only fixed registered Dune queries, but this file documents additional use of the OpenChain API. That mismatch is security-relevant because reviewers and users may rely on the manifest to understand the network and trust boundary, while the implementation/documentation indicates broader behavior.

Missing User Warnings

Medium
Confidence: 95%
Finding
The markdown describes a fallback to an external API but provides no warning that data may leave the local environment. Even if only topic0 hashes are sent, silent transmission to a third party can violate user expectations, internal policy, or privacy requirements, especially in constrained analysis workflows.

VirusTotal

65/65 vendors flagged this skill as clean.
