Jupiter Skill for OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Jupiter/Solana DeFi skill, but it deserves review because it can sign and broadcast transactions that move real funds.

Install only if you are comfortable using an agent-assisted workflow for real Solana transactions. Use a dedicated low-balance wallet, verify every token, amount, market, destination, duration, and transaction payload before signing, and avoid allowing the agent to autonomously sign or broadcast transactions.

SkillSpector (by NVIDIA)
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium, 90% confidence
Finding
The prediction-markets workflow instructs users to create, sign, and submit on-chain orders, but does not give a strong user-facing warning that these actions can move funds irreversibly and may incur losses. In a trading skill that signs blockchain transactions, omission of explicit loss/irreversibility warnings materially increases the risk of unintended asset movement or users treating examples as low-risk read-only actions.

Missing User Warnings

Medium, 89% confidence
Finding
The lending deposit and withdrawal sections provide direct sign-and-send flows for moving assets without clearly warning that these are live on-chain asset transfers subject to smart-contract, market, and execution risk. Because the skill centers on financial automation with wallet signing, missing warnings make accidental or uninformed asset commitment more dangerous than in a purely informational context.

Missing User Warnings

Medium, 92% confidence
Finding
The limit-order and recurring/DCA sections document creation and cancellation flows that can lock funds, authorize future automated executions, and trigger repeated trades, yet they lack prominent warnings about ongoing financial exposure and irreversible on-chain effects. In this context, automated future execution makes the omission more dangerous because users may not appreciate that risk persists beyond the initial transaction.

VirusTotal

66/66 vendors flagged this skill as clean.