ClawHub

ClawPump V2 Token Launchpad

Security checks across malware telemetry and agentic risk

Overview

This skill is a real Solana token-launch and trading guide, but it asks agents to handle raw wallet private keys and submit mainnet transactions without enough safety controls.

Install only if you are comfortable with a skill that can guide agents through real Solana mainnet launches and trades. Do not paste funded wallet private keys into an agent, avoid hosted-agent key generation unless the platform has hardened secret handling, and require explicit review of every transaction, fee, address, token, pool, and amount before signing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill expands from a launchpad integration into wallet generation and private-key handling guidance, including returning a raw Solana private key to the user and optionally having the hosted agent receive the key back for signing. This materially increases the blast radius of the skill: any agent implementing this now handles credential generation, display, storage, or re-ingestion of blockchain secrets, which creates a direct path to wallet compromise and fund theft if logs, telemetry, prompts, or tool traces capture the secret.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill repeatedly emphasizes that launches and trades are real, direct-to-mainnet, but it does not present an upfront, prominent warning that transactions are irreversible and may create financial loss, token scams, market-manipulation exposure, or permanent fund loss from mistakes. In an agent context, omission of this warning is dangerous because users may treat the workflow as a reversible simulation or low-risk automation path.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The hosted-agent flow instructs the agent to display a raw private key to the user but does not strongly warn that any exposure in chat history, screenshots, logs, analytics, browser extensions, or model/tool traces can permanently compromise the wallet. Presenting secrets in ordinary agent output is especially risky because many agent platforms persist conversations and telemetry by default.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal