ClawHub

megaethss-developer

Security checks across malware telemetry and agentic risk

Overview

This MegaETH developer guide includes high-impact wallet guidance and an undisclosed xAI/X search script that can use an API key and send queries externally.

Review before installing. Use the MegaETH guidance only with explicit approval for any signing, swap, bridge, payment, approval, delegation, or mainnet action. Do not expose XAI_API_KEY or run the bundled search script unless you intentionally want to send queries to xAI and accept that API/account use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill advertises operational capabilities involving wallets, RPC access, WebSocket subscriptions, bridging, swaps, and headless signing, yet the file declares no explicit permissions. That mismatch can cause the runtime or user to underappreciate that network access and environment-backed secrets may be used, weakening transparency and consent around sensitive operations.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
A description-behavior mismatch is a serious trust violation: the skill claims to be a MegaETH development guide, but the detected behavior indicates unrelated outbound requests to api.x.ai using an API key and X/Twitter search features. Hidden functionality of this kind can exfiltrate data, misuse secrets, or perform unauthorized external actions under false pretenses, making the skill substantially more dangerous in a wallet- and signing-oriented context.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
This script introduces a social-media search capability using the external xAI Grok API, which is unrelated to the declared MegaETH development purpose of the skill. In an agent-skill context, out-of-scope network-enabled functionality is risky because it expands the attack surface, can be invoked unexpectedly, and may facilitate unreviewed data flows to a third party.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The code reads XAI_API_KEY from the environment and uses it to call an unrelated external service, despite that credential and capability not being justified by the skill's stated MegaETH function. In a skill environment, harvesting additional credentials increases the chance of secret misuse, unauthorized billing, and covert external communications using host-provided secrets.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill explicitly covers wallet management, swaps, bridging, headless signing, delegations, and payments, all of which can move assets or grant durable authority, but it does not include strong user warnings or safety gates for irreversible actions. In this context, omission of risk disclosures increases the chance of accidental fund loss, overbroad approvals, or unsafe delegation usage by users who may treat the skill as routine developer guidance.

External Transmission

Medium
Category
Data Exfiltration
Content
def redirect_request(self, req, fp, code, msg, headers, newurl):
        raise HTTPError(newurl, code, f"Redirect to {newurl} blocked (auth safety)", headers, fp)

API_URL = "https://api.x.ai/v1/responses"
MODEL = "grok-4.20-reasoning"
TIMEOUT_S = 120
MAX_HANDLES = 10
Confidence
93% confidence
Finding
https://api.x.ai/

Env Variable Harvesting

High
Category
Data Exfiltration
Content
def search(options: dict) -> None:
    api_key = os.environ.get("XAI_API_KEY", "").strip()
    if not api_key:
        die("XAI_API_KEY environment variable is not set.")
Confidence
98% confidence
Finding
os.environ.get("XAI_API_KEY

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal