ClawHub

Garden Temp Market (GTM)

Security checks across malware telemetry and agentic risk

Overview

The skill is for a real ETH prediction market and matches that purpose, but it gives agents ready-to-use betting transactions and raw private-key command examples without enough safeguards.

Review carefully before installing or using. Treat every generated bet transaction as a real Base mainnet transaction that can spend ETH and may be irreversible. Verify the contract address and rules independently, use a separate low-balance wallet, never paste a main wallet private key into chat or shared terminals, and require manual approval for every transaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation instructs users to execute a value-bearing transaction with a raw private key on the command line and does so without any warning that the action moves real funds irreversibly on Base. This creates a realistic risk of unsafe key handling, accidental mainnet spending, and user loss, especially if copied by less experienced users or agents.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The AI-agent section provides a natural-language prompt and raw transaction payload that can directly authorize a real on-chain bet, but it does not warn that this causes an actual transfer of ETH to a betting contract. In an agent context this is more dangerous because the instructions are already formatted for automation, increasing the chance of unintended or insufficiently reviewed fund transfers.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill provides ready-to-submit, value-bearing transaction payloads and commands that send ETH to a contract, but it does not prominently warn users that blockchain transactions are irreversible, may fail, and can result in total fund loss if the contract, market rules, or assumptions are wrong. In an agent-skill context, this is more dangerous because an automated agent may treat the examples as approval to execute real-money transactions without sufficient user confirmation or risk disclosure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The `cast send` examples instruct use of `--private-key $KEY` without any credential-handling warning, normalization toward safer signing methods, or guidance against exposing secrets in shell history, logs, process lists, or agent tooling. In an agent or automation setting, this materially raises the risk of secret leakage and wallet compromise, which can lead to complete theft of onchain assets.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
When `--from` is not supplied, the script silently fetches cheatcode definitions from a remote GitHub URL and uses that data to generate source code. This creates a supply-chain trust boundary: if the remote content, transport, or upstream repository is compromised, a user may generate and commit attacker-influenced code without realizing network input was involved.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The library exposes helper functions that build value-bearing blockchain transactions for a betting contract, and the CLI actively encourages submission of those transactions, but it does not present any explicit warning that this spends real funds on Base mainnet or that blockchain transactions are typically irreversible. In an agent-skill context, this increases the chance that a user or autonomous system may treat the output as a harmless preview rather than a real-money wager, leading to unintended financial loss.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal