Uniswap Agent Otc Trade

Security checks across malware telemetry and agentic risk

Overview

This is a high-risk crypto trading skill, but its powerful actions are disclosed, user-directed, and aligned with its stated OTC Uniswap purpose.

Install only if you intend to let an agent prepare and submit Uniswap-based trades. Use a limited wallet, and verify the counterparty, amounts, chain, price, slippage, fees, approvals, and final transaction details before confirming. Treat trade logs as potentially sensitive until the publisher documents where they are stored and how long they are retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill makes strong security claims about ERC-8004 identity verification, reputation checks, and trust gating, but the declared executable capabilities do not include any direct registry-access tool and instead defer to a generic identity-verifier subagent. In a financial trading skill, this creates a dangerous trust gap: users and downstream agents may rely on verification guarantees that are not actually enforceable or auditable at the skill boundary, enabling spoofed counterparties or skipped verification before executing swaps.

Description-Behavior Mismatch

Medium
Confidence: 86%
Finding
The skill promises that every OTC trade is recorded for audit and reputation purposes, but no allowed tool provides persistent storage, logging, or write access to a trade-history system. This can mislead users into believing there is an auditable trail for dispute resolution or compliance when, in practice, records may not exist, undermining accountability after high-value trades.

VirusTotal

63/63 vendors flagged this skill as clean.
