chain-audit-deploy-skill

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent blockchain audit/deploy helper, but it can handle real wallet credentials and on-chain deployments in ways that need careful review before use.

Review this skill before installing for production use. Prefer testnets, dry runs, dedicated low-balance deploy wallets, hardware wallets or keystores, and explicit network/account checks. Do not use shared or production private keys with the current Solidity helper unless the private-key error-output issue is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence: 84%
Finding
The README advertises very broad natural-language triggers such as '审计我的合约' ("audit my contract") and '部署到测试网' ("deploy to testnet"), which can overlap with ordinary user conversation and cause the skill to activate unexpectedly. In a skill that can progress from audit into deployment actions, ambiguous invocation increases the risk of unintended execution paths, especially if the hosting agent auto-routes based on loose semantic matching.

Missing User Warnings

Medium
Confidence: 91%
Finding
This section provides live deployment commands that include use of a private key and blockchain broadcast/verification actions, but it does not explicitly warn that these operations can spend funds, create irreversible on-chain state changes, or expose secrets if shell history, environment variables, or logs are mishandled. In a skill specifically intended for auditing and deployment, users are more likely to copy-paste these commands directly, which increases the likelihood of unsafe execution on mainnet or with production credentials.

Missing User Warnings

Medium
Confidence: 89%
Finding
The Sui publish and upgrade examples document commands that directly create or modify on-chain packages and consume gas, but they omit a clear warning that these actions are not easily reversible and can affect production assets or upgrade authority state. Because this skill's purpose includes deployment, the omission is materially risky: users may treat the examples as routine build steps rather than financially and operationally sensitive actions.

Missing User Warnings

Medium
Confidence: 90%
Finding
The Solana deployment instructions use a local keypair path and program deploy commands without explicitly warning that the referenced key material is sensitive and that deployment changes live network state. This is dangerous because users may reuse default wallet paths, deploy to the wrong cluster, or expose operational keys on shared systems while performing irreversible or costly actions.

VirusTotal

66/66 vendors flagged this skill as clean.
