ClawHub

Uniswap Cross Chain Arbitrage

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent DeFi arbitrage workflow, but it deserves review because it can move wallet funds through cross-chain trades without clear default spending limits or wallet boundaries.

Install only if you are comfortable with agent-assisted trading. Use scan-only mode first, use a limited wallet, set an explicit maxAmount, token and chain allowlists, slippage limits, and require manual wallet confirmation for every transaction. Review the referenced Uniswap MCP server and subagents before granting wallet access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README explicitly advertises that the skill can execute cross-chain arbitrage, which can move funds, incur gas and bridge fees, and expose users to slippage, settlement failure, or market movement, but it does not warn about these transactional risks. In an agent setting, omitting such warnings increases the chance that a user or downstream agent treats execution as routine or low-risk and authorizes actions without understanding potential fund loss.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The example prompt encourages the agent to automatically execute arbitrage opportunities based on profitability criteria, but it does not include a requirement for explicit confirmation, transaction preview, spending limits, or risk acknowledgement. In the context of a cross-chain trading skill, that is more dangerous because execution involves real asset movement across multiple systems, where stale quotes, bridge issues, or adversarial market conditions can quickly turn an apparently profitable trade into a loss.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal