ClawHub

ZeroDust Chain Exit

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it deserves review because it helps an agent move all native crypto balance off a chain and the safety warnings and trigger scoping are too light for that impact.

Install only if you intentionally want an agent to help empty native gas balances from supported chains. Before signing, independently verify the ZeroDust endpoint/provider, source chain, destination chain and address, exact amount semantics, estimated receive amount, all fees, EIP-7702 delegation details, and revocation status. Avoid batch sweeps unless every chain is individually reviewed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README describes sweeping 100% of native gas tokens and leaving exactly zero balance, but it does not prominently warn users that this is an irreversible fund movement that can strand the account without gas for future transactions on the source chain. In the context of a wallet/agent skill that automates asset transfers, the lack of explicit depletion-risk warnings materially increases the chance of user harm through misunderstanding or unsafe invocation.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases include broad, common expressions such as 'empty this wallet' and 'move everything to [chain]' for a skill that transfers 100% of native balance and leaves the source wallet at zero. In an agent environment, overly broad activation language can cause unintended invocation of a destructive financial action, especially if the system auto-selects skills from natural-language requests.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The introductory usage guidance promotes fully exiting a chain, emptying a wallet, and moving everything, but does not place a prominent warning upfront that this action drains 100% of native gas funds and can strand the user without gas on the source chain. Because this is a high-impact financial action, insufficient warning materially increases the risk of accidental full-balance transfer and user harm.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal