solana meme token analyzer

Security checks across malware telemetry and agentic risk

Overview

The analyzer’s core token-risk functionality is coherent, but its agent-facing paid path, which routes crypto micropayments through a hosted API, needs careful review before installation.

Install only if you are comfortable with the external Solana and DexScreener lookups and, if using the hosted path, with an agent handling wallet-based USDC payments. Prefer the local Python script unless you explicitly approve each paid request, set a spending limit, and review the x402/awal tooling and dependency versions you will run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (11)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill declares no explicit permissions while its documented behavior clearly requires environment-variable access and outbound network access to Solana RPC, DexScreener, Helius, and a hosted API. This creates a transparency and policy-enforcement gap: an agent or platform may invoke the skill without understanding its real capabilities, increasing the risk of unexpected data exposure or unauthorized external calls.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 94%
Finding: The skill is presented as a Solana token-risk analyzer, but the documentation also promotes a paid remote API using x402 micropayments and Base-chain USDC settlement, which is behavior outside the stated analytical purpose. That mismatch is security-relevant because users or agents may route requests, payment metadata, and token addresses to a third-party service they did not intend to trust, enabling unexpected fund spending and data exfiltration.

Missing User Warnings

Severity: Medium
Confidence: 74%
Finding: The API forwards the raw X-PAYMENT value to an external facilitator for verification and settlement, but there is no explicit user-facing disclosure or minimization of what payment metadata is being transmitted. In this skill context, the external transmission belongs to the payment feature rather than to token analysis, so the mismatch makes the privacy impact and the element of user surprise more significant even though the behavior is functionally expected.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements excerpt):
fastapi>=0.110.0
uvicorn>=0.29.0
requests>=2.28.0
colorama>=0.4.6
Confidence: 95%
Finding: fastapi>=0.110.0

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements excerpt):
fastapi>=0.110.0
uvicorn>=0.29.0
requests>=2.28.0
colorama>=0.4.6
tabulate>=0.9.0
Confidence: 95%
Finding: uvicorn>=0.29.0

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements excerpt):
fastapi>=0.110.0
uvicorn>=0.29.0
requests>=2.28.0
colorama>=0.4.6
tabulate>=0.9.0
Confidence: 95%
Finding: requests>=2.28.0

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements excerpt):
fastapi>=0.110.0
uvicorn>=0.29.0
requests>=2.28.0
colorama>=0.4.6
tabulate>=0.9.0
Confidence: 93%
Finding: colorama>=0.4.6

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content (requirements excerpt):
uvicorn>=0.29.0
requests>=2.28.0
colorama>=0.4.6
tabulate>=0.9.0
Confidence: 93%
Finding: tabulate>=0.9.0

Known Vulnerable Dependency: fastapi (3 advisories)
  • CVE-2021-32677 (Cross-Site Request Forgery (CSRF) in FastAPI)
  • CVE-2021-32677 (FastAPI is a web framework for building APIs with Python 3.6+ based on standard )
  • CVE-2024-24762 (FastAPI is a web framework for building APIs with Python 3.8+ based on standard )

Severity: High
Category: Supply Chain
Confidence: 72%
Finding: fastapi

Known Vulnerable Dependency: uvicorn (4 advisories)
  • CVE-2020-7694 (Log injection in uvicorn)
  • CVE-2020-7695 (HTTP response splitting in uvicorn)
  • CVE-2020-7694 (This affects all versions of package uvicorn. The request logger provided by the)
  • +1 more

Severity: High
Category: Supply Chain
Confidence: 74%
Finding: uvicorn

Known Vulnerable Dependency: requests (10 advisories)
  • CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests)
  • CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs)
  • CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi)
  • +7 more

Severity: High
Category: Supply Chain
Confidence: 78%
Finding: requests

VirusTotal

66/66 vendors flagged this skill as clean.