Cabin Sol

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Solana development tutorial; it includes real blockchain and installer commands users should review, but no hidden, deceptive, or exfiltrating behavior was found.

Safe to install as a reference skill, but treat its code as educational starting material. Use localnet or devnet and a test wallet while learning, inspect remote installer commands before running them, confirm the active Solana cluster before deployment, and review/fix the noted sample-code issues before using any example in production.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The release path validates that the destination token account is owned by the intended recipient, but it does not verify that the destination account uses the same mint as the escrow vault. SPL Token transfers require the source and destination mints to match, so a mismatched account will cause the transfer to fail. That can leave the escrow unreleasable while still allowing the escrow account to be closed in the same instruction flow, which risks fund loss or denial of service depending on runtime behavior and account state.

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The example converts `price.price` from `i64` to `u64` before handling sign, so a negative oracle price would wrap into a huge unsigned integer and produce an invalid result. Although negative prices are uncommon for many assets, this is still dangerous in tutorial code because developers may copy it into production logic, leading to incorrect pricing, broken accounting, or unsafe protocol decisions.

VirusTotal

64/64 vendors flagged this skill as clean.
