ClawHub

Crypto Chart

Security checks across malware telemetry and agentic risk

Overview

This skill fetches cryptocurrency prices from disclosed public APIs and creates temporary chart images, with cleanup instructions that should be limited to files it generated.

Install this if you are comfortable sending token symbols and chart durations to CoinGecko or Hyperliquid. When using the image cleanup flow, delete only the generated crypto_chart files returned by the script, and avoid passing unusual symbols or shell metacharacters as token names.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill invokes a Python script, performs network access to external APIs, and reads/writes files in both /tmp and the workspace, yet declares no permissions. That mismatch weakens platform enforcement and user/operator visibility, making it easier for the skill to use capabilities that were not explicitly approved.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The description says to use the skill for token price, crypto price, price chart, or cryptocurrency market data, which is broad enough to trigger on many general finance or market questions. Over-broad routing can cause the agent to invoke code, network calls, and file operations unexpectedly when a simpler or safer response path would suffice.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
1. Copy from `/tmp` to workspace: `cp <chart_path> ./crypto_chart_<SYMBOL>_<duration>.png`
2. Send: `message(action="send", filePath="./crypto_chart_<SYMBOL>_<duration>.png", message="<text_plain>")`
3. **MANDATORY cleanup** — run both commands regardless of send result:
   - `rm ./crypto_chart_<SYMBOL>_<duration>.png`
   - `rm <chart_path>`
4. Reply `NO_REPLY`.
Confidence
95% confidence
Finding
rm ./

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal