Deal Works Mcp

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for deal and fund operations, but it exposes high-impact money movement and agent deployment actions without enough documented safety boundaries.

Install only if you trust the publisher and can constrain the API key to the minimum needed permissions. Treat transfers, cash-outs, escrow changes, dispute filing, vault sealing, and agent deployment as human-approved actions: verify recipients, amounts, wallet addresses, and deal IDs before allowing an agent to run them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding:
The skill declares access to an API key and networked MCP server behavior but does not expose explicit permissions or user-facing authorization boundaries in the skill manifest. For a finance- and agent-deployment-oriented skill, hidden environment and network capabilities reduce transparency and can cause users or host frameworks to under-estimate what the skill can access and transmit.

Missing User Warnings

Medium
Confidence: 90%
Finding:
The README advertises high-impact capabilities including fund transfers, escrow locking, cash-outs, agent deployment, dispute filing, and document vault operations, but it does not prominently warn users that these actions can move money, deploy autonomous systems, or create irreversible business records. In an AI-agent context, presenting these tools without clear confirmation requirements, scope limitations, or consequence warnings increases the risk of unsafe or unintended execution by downstream users or agent operators.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The skill prominently documents sensitive actions such as transferring funds, locking escrow, cashing out to external wallets, funding agents, and deploying autonomous agents, but it does not warn users about irreversible financial loss, on-chain finality, or operational consequences of deployment. In a financial/blockchain context, missing safety guidance materially increases the chance of accidental high-impact actions being initiated by users or agents without adequate confirmation.

VirusTotal

66/66 vendors flagged this skill as clean.
