ClawHub
Back to skill

Security audit

Solana Portfolio

Security checks across malware telemetry and agentic risk

Overview

This looks like a real Solana portfolio tracker, but it needs review because it links wallet data to Telegram IDs and can change stored wallet records with limited visible access control.

Install only if you are comfortable linking public Solana wallet addresses to a Telegram identity and you trust the host/runtime to bind the Telegram user ID to the actual caller. Do not provide private keys or seed phrases. Review the shared service modules before relying on this skill because they implement the actual storage, authorization, and portfolio-fetching behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger guidance includes broad keywords such as '组合'、'余额'、'持仓'、'钱包', which can overlap with ordinary financial or conversational context and cause the skill to activate when the user did not specifically request Solana portfolio management. In an agent setting, over-broad activation can expose wallet-linked data, invoke scripts unnecessarily, or steer the conversation into sensitive account-management flows without clear user intent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This script performs an irreversible portfolio change immediately after receiving parameters, with no explicit confirmation, dry-run, or secondary check that the request was intentional. In an agent or chat-driven workflow, ambiguous parsing, prompt injection, or accidental invocation could cause unauthorized or unintended removal of a tracked wallet from a user's portfolio.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal