ClawHub

Bytesagain Crypto

Security checks across malware telemetry and agentic risk

Overview

This looks like a crypto market-data helper, but it needs review because one user-controlled filter can be inserted into Python code and the documentation under-discloses some behavior.

Install only if you are comfortable with a local shell script making public market-data requests to Binance and CoinGecko. Do not provide wallet secrets, exchange credentials, or private financial data, and avoid letting untrusted prompts supply arbitrary command arguments until the pairs filter input handling is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
80% confidence
Finding
The skill advertises a simple market-data capability, but the analysis indicates it can access environment variables and invoke a shell without declaring those permissions. Hidden execution capabilities increase risk because they expand the attack surface beyond the documented behavior and may enable command execution or access to secrets if later instructions or tool wiring permit it.

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The documented behavior does not match the analyzed implementation: it reportedly uses additional external services, gathers data not disclosed in the description, and overstates its indicator coverage. This is dangerous because users and reviewers cannot accurately assess network exposure, data flows, or trust assumptions when the skill's true behavior is obscured.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal