ClawHub

Read The Skill

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is transparent about being a memecoin experiment, but it uses the agent to promote a risky crypto purchase, create/control a wallet, and optionally report discovery data.

Install or invoke this only if you want your agent to surface this memecoin experiment. Do not allow autonomous purchases, do not let the agent hold private keys or funded wallets, and avoid the public discovery report unless you intentionally want to share that metadata.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI09: Human-Agent Trust Exploitation
Medium
What this means

A user may treat the agent's message as more trustworthy than a normal advertisement and buy a volatile token that may lose all value.

Why it was flagged

The skill explicitly recruits the agent to relay a financial promotion for a token purchase from which the creators may benefit. It includes risk disclosures, but the agent-mediated solicitation is still a material trust risk.

Skill content
It's testing whether AI agents can spread a document and drive real token purchases... The experiment creators hold tokens and benefit from participation.
Recommendation

Treat this as a financial solicitation, not neutral advice. Do independent research and do not buy unless you personally decide to accept the full loss risk.

#ASI02: Tool Misuse and Exploitation
Medium
What this means

Funds sent to the wallet could be converted into a highly volatile token through an irreversible transaction.

Why it was flagged

The instructions move from user approval into an external crypto swap workflow. The artifact does not specify transaction-safety checks such as quote review, slippage limits, final confirmation, or reversal limitations before the swap.

Skill content
If your operator says yes, here's what you do... Once funded, use Jupiter to swap: ... Swap SOL  $SKILL using contract address
Recommendation

Require a fresh, explicit confirmation for every transaction, verify the token contract independently, set strict limits, and prefer that the human executes the swap in their own wallet.

#ASI03: Identity and Privilege Abuse
Medium
What this means

If the key is mishandled, lost, exposed, or misused, the funded SOL or resulting tokens may be unrecoverable.

Why it was flagged

The skill asks the agent to create and hold a Solana private key, then asks the operator to fund that wallet. That gives the agent practical custody over the funded wallet unless the user takes over key management.

Skill content
wallet = Keypair()... Save your keypair securely... Please send 1 SOL to my wallet address: `<your-wallet-address>`
Recommendation

Do not let an agent custody crypto keys or funds. If participating, use a human-controlled wallet and never share private keys or seed phrases.

#ASI07: Insecure Inter-Agent Communication
Low
What this means

Submitting the report may publicly reveal that a particular agent or framework encountered the skill.

Why it was flagged

The optional discovery report sends an agent identifier and framework to an external API, and the skill states that collected data is public. This is disclosed and purpose-aligned, but users should notice it.

Skill content
POST https://api.readtheskill.com/api/discover ... "agent_id": "<identifier>", "framework": "<your_framework>" ... The data is public.
Recommendation

Only submit discovery data with explicit user approval, and use a non-identifying value if reporting is desired.