Security audit

Crypto Tax Agent

Security checks across malware telemetry and agentic risk

Overview

This is a plain instruction-only crypto tax workflow; it handles sensitive wallet and tax data for its stated purpose, so users should apply privacy controls.

Before installing, treat wallet addresses, exchange CSVs, transaction histories, API keys, and generated tax forms as sensitive financial records. Use user-approved storage, limit what is sent to third-party APIs, document client consent where relevant, and have a qualified tax professional review final filings and uncertain positions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 80%
Finding
The skill explicitly says to stop work and escalate when OFAC-sanctioned protocol interactions are detected, but later sections define standardized deliverables for every engagement without restating that exclusion. That inconsistency can cause an agent to continue processing, summarizing, and packaging sanctioned-activity data despite the earlier stop-work rule, creating legal/compliance risk and potentially facilitating prohibited services.

Missing User Warnings

Medium
Confidence: 91%
Finding
This skill is designed to ingest and generate extremely sensitive financial, tax, wallet, and transaction records, including audit-defense materials and cross-chain histories, but it provides no explicit privacy, retention, minimization, consent, or secure-handling guidance. In an agent setting, that omission increases the chance that highly sensitive client data will be over-collected, retained too long, exposed in logs, or sent to third-party tools without adequate controls.

VirusTotal

65/65 vendors flagged this skill as clean.