ClawHub

Teller MCP – Borrow USDC & Altcoins (no margin calls)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Teller MCP integration that fetches financial data and builds unsigned blockchain transaction payloads, so users should review outputs carefully before signing anything.

Install only if you want an agent-accessible Teller finance MCP server. Treat generated borrow and repay transactions as proposals: verify wallet, chain, pool, token addresses, amounts, approvals, loan terms, and API endpoint before signing in any wallet.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill instructs users to install and run a Node-based MCP server that performs outbound network access to Teller APIs and can consume environment variables, but the skill does not declare any permissions for those capabilities. This creates a transparency and policy-enforcement gap: operators may approve or execute the skill without realizing it can access network resources and runtime configuration, which is especially relevant because it also exposes transaction-building functionality for downstream automation.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README advertises wallet-linked loan/portfolio lookups and generation of ready-to-submit on-chain borrow/repay transactions, but it provides no warning that users may expose sensitive wallet-associated financial data or accidentally sign high-impact transactions. In an agent-integrated MCP context, this omission increases the chance that operators treat the tool as low-risk infrastructure rather than something that can reveal portfolio details and facilitate irreversible blockchain actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal