ClawHub

Apechain Reader

Security checks across malware telemetry and agentic risk

Overview

This is a read-only blockchain wallet analysis skill with expected third-party lookups and optional Alchemy use, but no evidence of hidden mutation, persistence, or exfiltration.

Reasonable to install for read-only wallet analysis. Be aware that queried addresses, contract addresses, chain choices, and timing can be visible to public RPC providers, CoinGecko, and Alchemy if enabled; use a dedicated Alchemy key and private/custom RPCs for sensitive investigations, and do not rely on ENS support or intermittent chains without testing them first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill explicitly states it uses public RPC endpoints and optional external APIs, but the metadata declares no required permissions or environment usage. This creates a transparency and policy-enforcement gap: operators and users may assume the skill is local-only when it actually performs outbound network requests and can consume optional secrets from the environment.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The report materially overstates readiness by presenting a 95% pass rate and broad production suitability while documenting that only 4 of 8 supported chains were successfully tested and several timed out. This can mislead operators into enabling or trusting unsupported network functionality, increasing the chance of failed analyses, incorrect assumptions about coverage, and risky operational decisions.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The final approval section asserts the skill is approved for production use despite the report's own evidence that half of the advertised networks were not successfully functioning during testing. In a security-sensitive due-diligence tool, this discrepancy can cause users to rely on incomplete or unavailable chain coverage, producing blind spots during investigations.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The README advertises wallet analysis features that use third-party services such as CoinGecko and Alchemy, but it does not warn users that wallet addresses, ENS names, and related lookup metadata may be sent to external providers. While blockchain addresses are public, user queries can still reveal investigative interest, link identities to wallets, or create observable usage logs at those providers.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages users to submit wallet addresses and ENS names for analysis without clearly warning that these identifiers will be sent to third-party RPC/API services. This can expose sensitive investigation targets, analyst interest, or user-linked blockchain identities to external providers, which is especially relevant in due-diligence and monitoring workflows.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The production approval omits any warning that wallet lookups depend on third-party RPC endpoints, which can expose queried addresses, timing, and usage patterns to external infrastructure providers. For a wallet-analysis skill used in investigations or due diligence, that privacy leak can reveal analyst interest in specific wallets or targets and may violate user expectations or organizational data-handling requirements.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal