Moralis Data Api

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Moralis API helper. Its main risks are the expected transmission of wallet data and an API key to a third party, plus one clearly documented NFT metadata resync action that changes provider-side state.

Install this only if you are comfortable with an agent sending queried wallet addresses, contract addresses, token/NFT identifiers, the timing of those queries, and API-key-authenticated requests to Moralis. Keep MORALIS_API_KEY in an environment variable or secret store, never log it, and require an explicit user request before using the NFT metadata resync endpoint, because that call can change the metadata Moralis has cached.

SkillSpector (by NVIDIA)
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (13)

Description-Behavior Mismatch

Severity: Medium. Confidence: 96%.
Finding:
The file documents a state-changing NFT metadata resync endpoint even though the skill metadata frames the integration as a query/read-oriented blockchain data API. That mismatch can cause an agent or user to invoke a mutating operation when they reasonably expect only passive data retrieval, violating least surprise and potentially triggering unwanted writes or expensive background jobs.

Intent-Code Divergence

Severity: Medium. Confidence: 92%.
Finding:
Using GET for an operation explicitly described as updating metadata and executing a resync breaks HTTP safety expectations: the HTTP specification (RFC 9110) defines GET as a safe method, so agents, browsers, proxies, link previewers and automated tooling may prefetch, cache, or replay GET requests on the assumption that they are side-effect free, triggering unintended resync operations. A client should therefore classify this call as a write based on what it does, not on its method.

Missing User Warnings

Severity: Low. Confidence: 87%.
Finding:
The skill directs users to store an API key in a local `.env` file and only briefly mentions `.gitignore`, without clearly warning that the file contains a reusable secret that must be protected from source control, logs, screenshots, shell history, and broad filesystem access. This is a real but low-severity secret-handling weakness because it can lead to accidental credential exposure, especially in shared workspaces or misconfigured repositories.
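As an added example, not code from the skill or from Moralis: a small Python guard layer an agent could place in front of calls like these. It decides whether a call is a write from a registry rather than from the HTTP method, so the GET-based resync is still refused until the user explicitly confirms it (the two resync findings above); it reads MORALIS_API_KEY from the environment and masks the key in log output (the secret-handling finding above); and it produces a disclosure line naming which user-supplied identifiers are about to leave the platform (the privacy findings that follow). The endpoint paths, the base URL, the X-API-Key header name and the sample key are assumptions made for illustration and do not come from the page.

```python
"""Guard layer for an agent that calls a third-party blockchain data API.

Added example for this report; not code from Moralis or from the skill.
Assumptions (not from the page): the endpoint paths, the base URL and the
X-API-Key header name are illustrative placeholders only.
"""
import logging
import os
from dataclasses import dataclass
from urllib.request import Request

API_KEY_ENV = "MORALIS_API_KEY"              # variable name from the page
BASE_URL = "https://api.example.invalid"     # assumed placeholder, not a real host


@dataclass(frozen=True)
class Endpoint:
    path: str          # assumed path template, formatted with the params
    method: str        # HTTP method the provider expects
    mutating: bool     # changes provider-side state, regardless of method
    transmits: tuple   # param names whose values leave the platform


# The registry, not the HTTP method, decides whether a call is a write:
# a resync exposed over GET is still gated (Intent-Code Divergence finding).
ENDPOINTS = {
    "wallet_balance": Endpoint("/wallet/{address}/balance", "GET", False,
                               ("address",)),
    "nft_metadata_resync": Endpoint("/nft/{address}/{token_id}/metadata/resync",
                                    "GET", True, ("address", "token_id")),
}


class MissingCredential(Exception):
    """MORALIS_API_KEY is absent from the environment or secret store."""


class ConfirmationRequired(Exception):
    """A mutating call was requested without an explicit user confirmation."""


def redact(text: str, secret: str) -> str:
    """Mask the API key wherever it appears in text destined for logs."""
    return text.replace(secret, "[REDACTED]") if secret else text


class RedactSecret(logging.Filter):
    """Logging filter that rewrites every record so the key never reaches a sink."""

    def __init__(self, secret: str):
        super().__init__()
        self.secret = secret

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage(), self.secret)
        record.args = ()   # already formatted; prevent a second %-substitution
        return True


def load_api_key(env=None) -> str:
    """Read the key from the environment only; never from a file in the repo."""
    env = os.environ if env is None else env
    key = env.get(API_KEY_ENV, "").strip()
    if not key:
        raise MissingCredential(f"set {API_KEY_ENV} in the environment or a secret store")
    return key


def disclosure(name: str, params: dict) -> str:
    """Text the agent should surface before user-supplied identifiers leave the platform."""
    ep = ENDPOINTS[name]
    sent = ", ".join(f"{p}={params[p]}" for p in ep.transmits)
    action = "MUTATING call" if ep.mutating else "read-only query"
    return f"{action} {name}: sending {sent} to third-party provider {BASE_URL}"


def plan_request(name: str, params: dict, user_confirmed: bool = False, env=None):
    """Build the authenticated request; refuse mutating calls without consent.

    Returns (urllib Request, disclosure text). Nothing is sent from here.
    """
    ep = ENDPOINTS[name]
    if ep.mutating and not user_confirmed:
        raise ConfirmationRequired(f"{name} changes provider state; ask the user first")
    key = load_api_key(env)
    url = BASE_URL + ep.path.format(**params)
    req = Request(url, method=ep.method, headers={"X-API-Key": key})
    return req, disclosure(name, params)


if __name__ == "__main__":
    env = {API_KEY_ENV: "sk-demo-not-real"}   # constructed sample key
    log = logging.getLogger("agent")
    handler = logging.StreamHandler()
    handler.addFilter(RedactSecret(env[API_KEY_ENV]))
    log.addHandler(handler)
    log.setLevel(logging.INFO)

    req, note = plan_request("wallet_balance", {"address": "0x" + "ab" * 20}, env=env)
    log.info("%s (auth %s)", note, req.get_header("X-api-key"))   # key appears as [REDACTED]
    try:
        plan_request("nft_metadata_resync",
                     {"address": "0x" + "cd" * 20, "token_id": "1"}, env=env)
    except ConfirmationRequired as exc:
        log.info("blocked: %s", exc)
```

Two checks worth keeping when adapting this: the `mutating` flag must be set from the provider's documented behaviour of each endpoint, never inferred from the method, and the `RedactSecret` filter has to be attached to every handler that can reach a file, a terminal or a hosted log service, since a single unfiltered handler undoes the masking.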

Missing User Warnings

Severity: Low. Confidence: 91%.
Finding:
The skill sends wallet addresses and associated DeFi portfolio queries to a third-party API but does not warn users about the privacy implications of sharing on-chain identifiers with an external service. While wallet addresses are public on-chain, submitting them through this skill can still reveal user interest, link activity across sessions, and expose sensitive financial profiling to the API provider.

Missing User Warnings

Severity: Low. Confidence: 86%.
Finding:
The skill documents sending user-supplied NFT identifiers and an API key to a third-party service without any privacy, consent, or data-handling warning. In an agent context, this can cause unannounced transmission of user-request-derived data to Moralis, which is sensitive from a privacy and secret-handling perspective even if the transmitted NFT identifiers are usually public blockchain data.

Missing User Warnings

Severity: Low. Confidence: 93%.
Finding:
The skill documentation directs use of a wallet address with a third-party Moralis endpoint and an API key, but does not warn that user-provided wallet identifiers will be transmitted off-platform. While wallet addresses are public blockchain identifiers, sending them to an external service can still create privacy, compliance, and user-consent issues, especially when queries are tied to a user session or combined with other metadata.

Missing User Warnings

Severity: Low. Confidence: 93%.
Finding:
This rule documents an authenticated third-party API call but does not clearly warn that user-supplied token addresses and query parameters are sent to Moralis and that an API key is required. In an agent context, this can cause unintended disclosure of user query data to an external service and can lead to accidental misuse or exposure of the API credential if developers do not handle secrets and consent properly.

Missing User Warnings

Severity: Low. Confidence: 91%.
Finding:
The documentation instructs sending a wallet address to Moralis along with an API key, but it does not disclose that wallet-related data will be transmitted to a third-party service. Even though blockchain addresses are often public, associating a user-supplied address with API access and lookup behavior can create privacy and consent issues, especially in an agent context where users may not realize external data sharing is occurring.

Missing User Warnings

Severity: Medium. Confidence: 88%.
Finding:
The documentation instructs authenticated requests to a third-party Moralis endpoint and includes transmission of both a wallet address and an API key, but it does not warn about the privacy and data-sharing implications. In an agent context, this can cause users or downstream systems to unknowingly send potentially sensitive wallet-identifying data to an external service, increasing privacy, compliance, and secret-handling risk.

Missing User Warnings

Severity: Medium. Confidence: 91%.
Finding:
The skill sends wallet addresses and associated NFT holdings to the Moralis third-party API without documenting that disclosure to users. Wallet addresses are pseudonymous but often linkable to identities, portfolios, and behavioral history, so silent transmission can create privacy, compliance, and user-consent risks.

Missing User Warnings

Severity: Low. Confidence: 94%.
Finding:
This is a real privacy/transparency issue because the skill instructs use of a third-party Moralis endpoint with a wallet address but does not warn that the queried address will be transmitted off-platform. Wallet addresses are public on-chain, but sending a user-supplied address to an external provider can still expose user interest, investigation targets, and request metadata, making the omission a meaningful though low-severity vulnerability.

Missing User Warnings

Severity: Medium. Confidence: 94%.
Finding:
The skill instructs sending a wallet address to Moralis, a third-party API, but does not warn that wallet addresses and associated portfolio data will be disclosed externally. Even though blockchain addresses are often public, linking a user-supplied address to an agent interaction can expose sensitive financial context, tracking information, and user intent to the provider.

Missing User Warnings

Severity: Medium. Confidence: 92%.
Finding:
This documentation describes sending a wallet address and related query parameters to Moralis using an authenticated third-party API, but it provides no warning that user-supplied blockchain identifiers and query context will be transmitted off-platform. Wallet addresses are pseudonymous rather than secret, but they can still reveal transaction history, balances, counterparties, and behavioral patterns, so lack of disclosure can create privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.
