ClawHub

Crypto Price Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward crypto price alert skill with optional Telegram notifications, but users should note that some advertised alert modes are not implemented in the bundled script.

Install only if you are comfortable with the script contacting CoinGecko and, if configured, sending alert messages to Telegram. Keep Telegram credentials out of shared files or repositories, test alerts before relying on them, and avoid using the documented percent-based conditions unless you first add or verify support for them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill performs network operations against CoinGecko and optionally Telegram, but no permissions or disclosure metadata are declared. This can mislead users and policy systems about the skill's real capabilities, increasing the chance of unintended outbound communications and weakening review controls.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The documentation claims support for percentage-move alerts and file delivery, but the provided script does not implement those behaviors as described. Security-relevant mismatches between stated and actual behavior reduce user trust, can cause unsafe operational assumptions, and may lead users to deploy the skill believing controls or features exist when they do not.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The skill documents percent-based alert conditions that are not handled in the alert evaluation logic. While this is not direct code execution or data theft, it can create monitoring blind spots where users believe risk-triggering alerts will fire when they never will.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
Telegram notifications send alert content to a third-party service and rely on sensitive bot credentials stored in configuration, but the skill does not prominently warn users about this external sharing. This creates privacy and secret-handling risk, especially if users place tokens in world-readable files or do not realize alert contents leave the local environment.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill can transmit alert content to Telegram, an external third-party service, without any user-facing notice or consent flow in this file. While the transmitted data is limited to alert messages and prices, it may still reveal trading interests, monitored assets, or operational metadata, which creates a privacy and data-handling risk.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal