ClawHub

Swap Integration

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent PancakeSwap integration guide, but it includes live wallet signing, unlimited approvals, and transaction broadcasting examples without enough safety gating for real funds.

Install only if you are intentionally building PancakeSwap functionality. Treat generated code as funds-impacting: use testnet or low-value wallets first, do not paste private keys into prompts, review every spender address and allowance, prefer bounded approvals, and do not run any script that can broadcast a transaction until you have verified chain, token, amount, recipient, slippage, and deadline.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger text is overly broad and includes generic phrases like 'create a swap script' and 'add swap functionality', which can cause this skill to activate in contexts where the user did not explicitly request PancakeSwap-specific integration. That increases the chance the agent applies high-risk wallet, approval, and transaction guidance opportunistically in unrelated development flows.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to load a private key from environment variables and create a signing wallet client, then later approve tokens and send live on-chain transactions, but it does not prominently warn about irreversible real-fund loss, approval risk, key exposure, or the need to use testnets first. In a wallet/DEX context, omission of these warnings materially increases the chance of unsafe execution with real assets.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal