Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Nadfun Skill
v0.1.0
Launch, trade, and monitor Monad blockchain tokens using bonding curves, permit signatures, and on-chain event queries with viem integration.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The SKILL.md is an integration guide for a Monad/NadFun token launchpad (blockchain trading, token creation, transaction signing). The registry metadata provides no description and declares no required credentials or env vars, which is inconsistent with what the guide actually needs (see the PRIVATE_KEY usage below). Requesting a private key would be appropriate for signing transactions, but the metadata does not declare that requirement.
Instruction Scope
The runtime instructions explicitly read process.env.PRIVATE_KEY, create a wallet client, sign nonces and messages, and manage API keys via session cookies. Those actions enable on-chain transactions and API-key create/read/update/delete operations. The guide also instructs the agent to upload images and call API endpoints. The instructions therefore access sensitive secrets and perform network interactions well beyond a read-only integration, yet the skill metadata gives no indication of any of these behaviors.
Install Mechanism
There is no install spec beyond a suggested 'npm install viem'. This is a minimal, expected dependency for a viem-based integration and represents low install risk.
Credentials
The documentation uses PRIVATE_KEY (a sensitive secret) and handles session cookies for API key management, but the skill metadata lists no required env vars and no primary credential. Sensitive credential access is therefore neither declared nor justified in the metadata, which is a proportionality and transparency problem.
Persistence & Privilege
The manifest sets always:false and ships no install or code files, so the skill does not request persistent or system-wide privileges. It is user-invocable and can be invoked autonomously (the platform default), but that alone is not an additional red flag here.
What to consider before installing
Do not install or run this skill until the author clarifies its credential needs. Key concerns:
(1) SKILL.md reads process.env.PRIVATE_KEY and signs messages with it; that gives the skill full transaction authority over the associated wallet. Never put high-value private keys in an environment used by third-party skills without explicit trust and a code review.
(2) The metadata does not declare PRIVATE_KEY or any other credential requirement. Ask the developer to update the registry metadata to list the required env vars (e.g., PRIVATE_KEY) and to explain exactly when signing is performed.
(3) Prefer interactive signing (connect a hardware wallet or prompt the user) or ephemeral keys rather than storing a private key in the agent's environment.
(4) Verify the apiUrl/rpcUrl endpoints and the project origin (nad.fun / nadapp.net) before using the skill, and confirm they are legitimate.
If you must proceed, run the code in an isolated environment, audit its network calls, and avoid exposing any high-value keys.
