ClawLaunch

Security checks across malware telemetry and agentic risk

Overview

This is a coherent crypto token launch and trading skill, but it should be reviewed because it enables real financial actions with limited built-in confirmation, spending limits, or safety controls.

Install only if you intentionally want an AI-assisted crypto launch and trading integration. Use testnet or a low-balance isolated wallet first, keep the API key least-privilege, require manual confirmation before any launch or signed transaction, set explicit spend and sell limits, verify chain ID and transaction targets, and never put private information in on-chain memos.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill advertises shell-based capabilities through required binaries and extensive curl/jq usage, but does not declare corresponding permissions. That mismatch can cause the host to under-enforce execution boundaries and gives the skill more effective capability than its manifest suggests.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill encourages attaching free-form memos to trades that are permanently recorded on-chain and later retrievable. Users or autonomous agents may include strategy details, internal reasoning, identifiers, or sensitive data, creating irreversible public disclosure and possible doxxing or trading-strategy leakage.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The autonomous trading loop examples show real buy/sell logic against production endpoints without a strong warning that they can move funds and place live trades. In an agent setting, cookbook automation like this materially increases the risk of unintended financial loss, especially when combined with stored API keys and wallet infrastructure.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document explicitly promotes autonomous token launches, discovery, and trading, but it does not include a clear warning that these actions can spend real funds, create financial exposure, and cause rapid losses. In the context of an agent skill, this omission is risky because downstream implementers may copy these patterns into autonomous systems without adding user-consent, risk limits, or human approval gates.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference includes private-key-based transaction execution examples for live on-chain trades without an explicit warning that transactions are irreversible, externally sourced calldata must be trusted and verified, and users can lose funds through bad parameters, malicious API responses, or chain misconfiguration. In a trading skill, this omission materially increases the chance that operators copy-paste unsafe patterns into production or autonomous agents sign transactions they do not fully validate.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script exposes high-risk financial operations such as token launches and buy/sell quote generation without any built-in warning, confirmation, or safety interlock. In the context of an agent skill for autonomous token trading, this increases the chance of accidental or prompt-induced irreversible actions, especially when commands are executed non-interactively.

VirusTotal

66/66 vendors flagged this skill as clean.
