solana-compression-dev

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Solana compression development reference, but live-network wallet and transaction examples should be handled carefully.

Install this only for Solana compression development. Prefer localnet or devnet, use a low-balance development wallet, keep RPC keys private, review generated edits and dependency installs, and explicitly approve any mainnet transaction, deployment, close, burn, or reinitialize action before it runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill’s Security section materially understates its capabilities by claiming it only provides code patterns and documentation, while the manifest explicitly permits state-changing tools such as `Bash(git:*)`, `Bash(cargo:*)`, `Bash(anchor:*)`, `Bash(light:*)`, plus `Edit` and `Write`, and the workflow instructs execution of build/test commands. This mismatch can cause operators or downstream policy systems to trust the skill more than warranted, increasing the chance that it is run with broader permissions than users realize.

Vague Triggers

Medium
Confidence: 89%
Finding
The activation hints are very broad (`"error code", "0x", hex code, error name`) and can cause this reference skill to trigger on many unrelated user requests, especially any message containing a hexadecimal value or generic error discussion. In an agent environment, over-broad routing can surface this skill outside its intended scope, leading to misclassification, misleading assistance, or accidental precedence over more appropriate skills.

Missing User Warnings

Medium
Confidence: 91%
Finding
The examples instantiate a mainnet RPC endpoint and include a real value transfer instruction, but the documentation does not clearly warn users that copying the sample can contact third-party infrastructure and submit a transaction on mainnet. In a developer reference, this creates a realistic risk of accidental fund movement, privacy leakage to the RPC provider, and misuse by readers who assume the snippet is purely illustrative.

VirusTotal

65/65 vendors flagged this skill as clean.
