Crypto Watcher

v1.0.0

Monitor ETH wallets and DeFi positions across chains with alerts for balance changes, gas prices, health factors, and large token transfers.

⭐ 3· 1k·7 current·8 all-time

by@0xraini

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/intent (wallet and DeFi monitoring) matches required files and behavior: the CLI reads a local config of public wallet addresses, queries public RPC endpoints, CoinGecko, and DefiLlama, and reports balances and gas. The included dependency (viem) is appropriate for Ethereum RPC interactions.

✓

Instruction Scope

Runtime instructions and the SKILL.md align with the implementation. The CLI reads/writes only ~/.config/crypto-watcher/config.json (to store watched addresses), calls public APIs/RPCs, and prints output. It does not request private keys, system tokens, or unrelated files.

ℹ

Install Mechanism

The package includes source, package.json and package-lock but no explicit install spec in the skill metadata. That is not malicious but means dependencies (viem, etc.) must be installed by the runtime environment before the CLI will run. The dependency sources are standard npm packages (viem and its dependencies) listed in package-lock.json.

✓

Credentials

The skill declares no required environment variables, and the code does not read environment secrets. All external endpoints used are public (CoinGecko, DefiLlama, public RPC URLs). No credentials, tokens, or private keys are requested or stored.

✓

Persistence & Privilege

The skill is not always-enabled and does not modify other skills or system-wide settings. It does persist its own config at ~/.config/crypto-watcher/config.json, which is appropriate for its purpose.

Assessment

This skill appears to do what it says: monitor public wallet addresses and DeFi info. Before installing, consider: (1) the CLI will make outbound network calls to public RPCs and APIs (CoinGecko, DefiLlama) — run it in an environment you trust; (2) it stores watched addresses in ~/.config/crypto-watcher/config.json (no private keys) — do not store private keys or seed phrases there; (3) there is no install spec in the skill metadata, so ensure dependencies (node, compatible node version, and npm-installed dependencies like viem) are available in your runtime; (4) if you need stronger assurance, review or run the code in an isolated environment (container) to observe network behavior. Overall, no unexplained permissions or credential access were found.

Like a lobster shell, security has layers — review code before you run it.

latestvk978bfjchjandxsa4jydybwtxs80vrpe

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Crypto Watcher

License

Comments