ClawHub

Mining

Security checks across malware telemetry and agentic risk

Overview

This skill is labeled as mining analysis but actually installs a local entry tracker that stores, deletes, exports, and configures user-provided data.

Review this carefully before installing. It should not be treated as a mining or blockchain analysis skill; it is a local scratchpad-style CLI that stores data under ~/.mining by default, can delete its own stored entries, can write config values, and can export saved data to local files. Do not enter secrets or sensitive business data, and only install it if you specifically want that local data-management behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The skill is presented as a blockchain/mining analysis tool, but the documented behavior is a generic local data manager with persistent storage, export, deletion, and config writes. This mismatch can cause an agent or user to invoke the skill under false assumptions, leading to unintended local file operations and data handling beyond the declared purpose.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The command set documents status/add/list/search/remove/export/stats/config operations typical of a local CRUD utility, not a mining-analysis skill. In an agent ecosystem, this semantic deception is dangerous because tooling selection may rely on the manifest, causing the agent to run file-mutating commands when it expected read-only blockchain analysis.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The top-level documentation claims the skill helps analyze mining operations and protocol security, but the subsequent usage guidance describes unrelated entry management. This inconsistency undermines trust and increases the chance of unsafe invocation in sensitive environments where users expect analytical, not state-changing, behavior.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill is presented as a mining-analysis tool, but the implementation is a generic local note/config store with add, search, export, remove, and config management. This mismatch is dangerous because it can cause users or an agent framework to grant trust, permissions, or invoke the skill under false pretenses, enabling unreviewed local data persistence and manipulation unrelated to the declared purpose.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The inline documentation explicitly claims mining-analysis behavior that the script does not implement. Misleading in-file descriptions are security-relevant because reviewers, users, and automated systems may rely on those claims when deciding whether the skill is appropriate or safe to run.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The help text advertises mining-analysis capabilities, but the available commands only read, write, search, export, and configure local data. This misrepresentation increases risk of social engineering and inappropriate invocation by agents, since users may not realize the tool is persisting arbitrary input locally.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The script creates a hidden data directory and stores arbitrary user-provided content and configuration despite the skill being framed as mining analysis. In this context, unjustified persistence is risky because it broadens the tool's effective capability to collect and retain local data without a purpose-aligned need.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation includes destructive and file-affecting commands such as remove and export without any warning, confirmation requirement, or explanation of scope. In agent-driven contexts, missing safety notices can lead to silent deletion, unintended data disclosure, or writes to local files when users believe they are only requesting analysis.

Missing User Warnings

Low
Confidence
82% confidence
Finding
Config values are written to a local file without clear upfront disclosure beyond implicit behavior in the command. While not inherently a code-execution flaw, silent persistence can expose sensitive user-supplied values, especially if users assume the tool is only performing transient mining analysis rather than storing settings on disk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal