Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Defi Analyst
v1.0.0
DeFi research and analysis via Tavily MCP, GeckoTerminal API, and DeFiLlama. Use for protocol research, TVL tracking, yield analysis, token discovery, and co...
by @0x-wzw
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The SKILL.md and README describe a DeFi research skill that uses Tavily (via mcporter), DeFiLlama, and GeckoTerminal — that is coherent. However, the skill metadata declares no required environment variables while the SKILL.md explicitly requires a Tavily API key and mcporter configuration. The README even contains a plaintext-looking Tavily API key. The skill also references other agent skills (mcporter/moltbook/swarm) without declaring those dependencies. These metadata/instruction mismatches are unexplained and concerning.
Instruction Scope
Runtime instructions are limited to mcporter calls and curl/jq calls to public APIs (Tavily MCP, Geckoterminal, DeFiLlama), which are consistent with the stated purpose. The mcporter config step will store a Tavily API key in the mcporter config; the SKILL.md shows that key being included directly in a URL parameter, which can risk exposure in logs/history. The skill does not instruct reading unrelated local files or secrets beyond the Tavily key.
Install Mechanism
There is no install spec (instruction-only), and only a small validate.sh is included. No downloads or archive extraction are present. This is low install risk.
Credentials
Registry metadata lists no required env vars or primary credential, yet SKILL.md and README require/configure a Tavily API key. The README contains a plaintext token-like string (example or real key) which could be a leaked credential or an insecure example; its presence without explanation is a red flag. No other unrelated credentials are requested, which is proportionate, but the mismatch and the embedded key are problematic.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). The skill will instruct adding an mcporter config entry for Tavily (expected for this integration); it does not request system-wide privileges or modify other skills' configs in the provided files.
What to consider before installing
Do not assume the README API key is safe to use. Before installing:
1) Verify the skill's source (official repository / author) — the registry lists no homepage and the source is unknown.
2) Treat the Tavily key in README as potentially leaked; obtain your own Tavily API key and do not paste someone else's key into your environment.
3) Confirm how mcporter stores the key (avoid embedding keys in URLs or command history).
4) If you need guarantees about provenance, ask the publisher for the canonical GitHub repo, check commit history and issues, and inspect any network endpoints (mcp.tavily.com) independently.
5) If you don't want your agent to store external API credentials, do not run the mcporter config command and avoid using this skill until provenance and credential handling are clarified.
latest: vk97dq8arba6xf1v1fcbsamxwxd83a217
