ClawHub

Heurist Mesh Crypto Analysis Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent crypto analytics skill, but some payment paths ask the agent to handle raw wallet or payment private keys and paid actions without enough safeguards.

Install only if you are comfortable giving an agent access to a paid crypto-data provider. Prefer the Heurist API-key credit path over raw wallet keys, use a dedicated low-balance wallet if x402 is needed, keep payment secrets out of shared project files, and require explicit approval and price display before any paid request or signing action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill explicitly instructs reading highly sensitive secrets from .env, including a wallet private key, to enable API and payment flows. In an agent environment, instructions to access local secret stores can lead to credential exposure, misuse of signing authority, or unintended fund movement, especially because the skill does not clearly warn against ever revealing or transmitting raw secrets.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill advertises web search, URL scraping, Twitter/X search, and summarization through external services without warning that user prompts, URLs, and fetched content will be transmitted off-platform. This creates privacy and data-handling risk if users provide confidential queries, internal URLs, or sensitive research targets.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document instructs users to store a private key in a local `.env` file but does not warn that this is a high-sensitivity credential or describe basic handling precautions. If the `.env` file is accidentally committed, logged, shared, or read by other local processes, an attacker could impersonate the buyer and authorize or inspect payment-related activity.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The setup flow has users transmit sensitive data including a private key, email, name, and password in example requests, but provides no privacy or secure-handling guidance. Even though the transport is HTTPS, users may copy these commands into shells with history logging, shared terminals, CI logs, or documentation screenshots, increasing risk of credential and identity leakage.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation tells users to pay with a raw private key and USDC balance but provides no warning about key sensitivity, wallet isolation, fund-loss risk, or use of a dedicated low-balance wallet. In a crypto-payment context, normalizing direct private-key handling materially increases the chance of credential misuse and irreversible financial loss.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The guide instructs users to transmit a signed payment authorization to a remote service without clearly stating that the header contains authorization material and wallet metadata being sent off-host. Even if intended by the protocol, missing disclosure can lead users to expose payment artifacts without understanding replay, logging, or privacy implications.

External Script Fetching

High
Category
Supply Chain
Content
Install Foundry:

```bash
curl -L https://foundry.paradigm.xyz | bash
foundryup
```
Confidence
97% confidence
Finding
curl -L https://foundry.paradigm.xyz | bash

Chaining Abuse

High
Category
Tool Misuse
Content
Install Foundry:

```bash
curl -L https://foundry.paradigm.xyz | bash
foundryup
```
Confidence
98% confidence
Finding
| bash

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal