SUPAH Base Intelligence

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a crypto intelligence tool that can send wallet data to a third-party paid API and encourages automated trading patterns without enough upfront consent and risk controls.

Review this carefully before installing. Use a dedicated low-balance wallet for any x402 payments, confirm every paid API call and any trade manually, and avoid submitting wallet addresses unless you are comfortable with api.supah.ai receiving and potentially retaining them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 90%
Finding:
The skill is presented as Base token intelligence, but the documented/observed behavior includes broader capabilities such as arbitrary wallet analysis, ETH market regime lookups, and discovery feeds not clearly disclosed in the primary description. This kind of scope mismatch can mislead users and agents into sending unintended data or triggering networked, paid actions they did not expect.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The README describes wallet analysis and x402 micropayments but does not give a clear, prominent warning that invoking these commands transmits wallet addresses to a third-party API and can automatically spend USDC per request. In an agent setting, users may treat examples as low-risk local operations, so the omission can lead to unintended privacy disclosure and unexpected paid transactions.

Missing User Warnings

Medium
Confidence: 88%
Finding:
The automated trading example shows direct auto-execution of trades based on API-provided signals without any warning about financial loss, false positives, manipulated market data, or the need for human approval and risk controls. In a trading skill, example code is highly likely to be copied into production workflows, making this omission materially dangerous.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill offers wallet analysis while also stating that the agent's x402 HTTP client pays automatically, but it does not clearly warn that wallet addresses and portfolio-related data will be transmitted to `api.supah.ai` and may incur charges. This creates a privacy and consent issue: users may expose sensitive financial graph data and trigger billable requests without informed approval.

Missing User Warnings

Medium
Confidence: 88%
Finding:
The skill sends a user-supplied wallet address to a third-party remote API for portfolio analysis without any explicit privacy notice or consent at the point of use. While wallet addresses are public on-chain, submitting them to an external service enables correlation, profiling, retention, and linkage to the user's activity beyond what the user may expect from a local CLI command.

VirusTotal

64/64 vendors flagged this skill as clean.
