Abstract Toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-built for Abstract blockchain work, but it gives an agent live private-key authority to move funds and make arbitrary mainnet contract calls without built-in confirmation safeguards.

Install only if you intentionally want an agent-accessible Abstract mainnet toolkit. Use a dedicated low-balance wallet, prefer testnet first, avoid long-lived raw private keys, and manually verify every chain, address, router, ABI, token, amount, approval, and transaction before allowing any write operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

High
Confidence: 95%
Finding
In write mode, the script signs and submits transactions to any user-supplied contract address using any user-supplied ABI and function name, with arbitrary arguments and ETH value. In an agent setting, this creates a powerful arbitrary on-chain write primitive that can approve token spending, transfer assets, call malicious contracts, or irreversibly change state far beyond the intended deployment/bridging use cases.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill documents bridging, deployment, transfers, swaps, and arbitrary contract writes on Abstract mainnet without prominent warnings that these actions are irreversible and can cause permanent asset loss. In an agent context, this is particularly dangerous because users may treat the examples as routine automation steps and trigger real-money transactions without understanding slippage, wrong-address, wrong-contract, or wrong-network consequences.

Missing User Warnings

Medium
Confidence: 93%
Finding
The document instructs users to export a raw private key into an environment variable and immediately use it in a script, but it provides no warning about the sensitivity of the key, secure storage expectations, or the risk of shell history, process inspection, and accidental logging. In a blockchain deployment/bridging skill, mishandling a wallet private key can directly lead to theft of funds and total compromise of the signer account and any AGW actions derived from it.

Missing User Warnings

Medium
Confidence: 97%
Finding
The script executes state-changing transactions immediately once --write is set, without any confirmation prompt, preview, or safety interlock. Because blockchain writes are often irreversible and may move assets or grant approvals, an agent or user mistake can rapidly cause permanent loss or unauthorized contract interactions.

Missing User Warnings

Medium
Confidence: 95%
Finding
This script submits real on-chain approval and swap transactions immediately after parsing CLI arguments, with no interactive confirmation, dry-run mode, or explicit final warning before funds are moved. In an agent skill context, that is dangerous because an automated workflow, bad parameter injection, or a misconfigured DEX router can cause irreversible asset movement or approvals without meaningful human review.

VirusTotal

62/62 vendors flagged this skill as clean.
