mintyouragent

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Solana wallet and agent toolkit, but it needs Review because it exposes wallet keys and can sign or spend funds with under-scoped confirmations and disclosures.

Install only if you intentionally want an agent-accessible Solana wallet. Use a dedicated low-balance wallet, prefer devnet or dry-run first, avoid unattended --yes or --skip-balance-check use, do not log --json setup/export output, protect ~/.mintyouragent/ and RECOVERY_KEY.txt, and review API/RPC/SSL environment variables before any mainnet funds are present.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (15)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises significant capabilities including filesystem access, environment-variable handling, network communication, and shell/Python execution, but does not declare permissions. This reduces transparency and prevents users or agent frameworks from making informed trust decisions before invoking a wallet-handling, networked crypto tool.

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The declared description understates the skill's effective scope relative to the documented behavior: it handles private keys, exports/imports wallets, signs messages, performs transfers, interacts with remote APIs, and reads broader local identity files. In a crypto context, this mismatch is dangerous because users may grant trust based on a narrower description while exposing funds, secrets, and local profile data to a much more powerful tool.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill metadata understates the tool's capabilities by omitting that it can create/import/export wallets and print private keys. In an agent-skill ecosystem, misleading scope disclosure is dangerous because users may authorize installation expecting profile-linking or token launch support, not broad key-management behavior.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The description omits that the CLI can sell tokens and collect creator fees, both of which can move on-chain assets. Hidden asset-moving functionality is security-relevant because operators may install the skill for launching/linking and not realize it also supports liquidation and fee withdrawal flows.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The metadata says the skill reads SOUL.md for profile linking, but the code searches for and summarizes additional workspace files such as IDENTITY.md, USER.md, MEMORY.md, and AGENTS.md. That broader local file access increases privacy risk because agents/users may expose more identity and operational context than the manifest implies.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The preflight check uses an HTTP response object as though it were parsed JSON, so the launch-limit validation can malfunction and be bypassed unintentionally. In this CLI, that check is supposed to run before spending SOL; if it fails open, users may still pay platform fees and execute launches despite server-side denial or unexpected state.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README promotes real-SOL poker and token launch capabilities but does not prominently warn that these actions can spend real funds and trigger irreversible on-chain transactions. In an AI-agent context, this is especially risky because operators may enable autonomous or headless usage without appreciating the financial consequences of misconfiguration or unintended execution.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The wallet storage section documents a plaintext recovery artifact (RECOVERY_KEY.txt) and local wallet files without a strong warning about the sensitivity of those materials. If users or autonomous agents mishandle backups, logs, or filesystem permissions, an attacker who gains local access or reads synced/home-directory data could recover the wallet and steal funds.

Missing User Warnings

High
Confidence
97% confidence
Finding
The poker join flow signs an unsigned deposit transaction returned by a remote API without showing the user decoded transaction details or obtaining explicit confirmation. Because this tool manages a local wallet, a compromised or malicious backend could present a different transaction that transfers funds elsewhere, and the client would sign it automatically.

Missing User Warnings

High
Confidence
97% confidence
Finding
The reload flow repeats the same unsafe pattern by signing a server-supplied transaction without user-facing disclosure or verification. In a wallet-bearing CLI, automatic signing of opaque remote transactions is especially dangerous because it undermines the claim that signing is local and safe.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
| `--dry-run` | ❌ | Test without launching |
| `--preview` | ❌ | Preview parameters |
| `--tips` | ❌ | Show first-launch tips |
| `-y, --yes` | ❌ | Skip confirmation prompts |

### Launch Examples
Confidence
82% confidence
Finding
Skip confirmation

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
| `--retry-count` | Number of retries |
| `--priority-fee` | Priority fee (microlamports) |
| `--skip-balance-check` | Skip balance verification |
| `-y, --yes` | Skip confirmation prompts |

---
Confidence
87% confidence
Finding
Skip confirmation

Session Persistence

Medium
Category
Rogue Agent
Content
### .env File Support

Create a `.env` file in `~/.mintyouragent/.env`:

```bash
# ~/.mintyouragent/.env
```
Confidence
80% confidence
Finding
Create a `.env` file in `~/.mintyouragent/.env`: ```bash # ~/.mintyouragent/.env SOUL_API_KEY=your_api_key HELIUS_RPC=https://your-rpc.helius.xyz ``` The CLI loads `.env` from `~/.mintyouragent/.env

Unsafe Defaults

Medium
Category
Tool Misuse
Content
| "No wallet found" | `python mya.py setup` |
| "Insufficient balance" | Send SOL to your wallet |
| "Symbol must be ASCII" | Use only A-Z, 0-9 |
| "SSL verification failed" | Set `SOUL_SSL_VERIFY=false` (not recommended) |
| "Wallet integrity failed" | Restore from backup |
| "Network error" | Check internet connection |
| "Rate limit exceeded" | Wait or hold $SOUL token |
Confidence
84% confidence
Finding
VERIFY=false

Unsafe Defaults

Medium
Category
Tool Misuse
Content
| "No wallet found" | `python mya.py setup` |
| "Insufficient balance" | Send SOL to your wallet |
| "Symbol must be ASCII" | Use only A-Z, 0-9 |
| "SSL verification failed" | Set `SOUL_SSL_VERIFY=false` (not recommended) |
| "Wallet integrity failed" | Restore from backup |
| "Network error" | Check internet connection |
| "Rate limit exceeded" | Wait or hold $SOUL token |
Confidence
84% confidence
Finding
SSL_VERIFY=false

VirusTotal

66/66 vendors flagged this skill as clean.
