Skill v0.1.0
ClawScan security
Token Risk Explainer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 7, 2026, 7:31 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement the stated token-risk functionality and calls Binance Web3 endpoints, but its environment/credential expectations and runtime billing behavior are inconsistent with the registry metadata and SKILL.md, which could cause unexpected failures or silent external calls if not configured correctly.
- Guidance: This skill otherwise looks coherent with its stated purpose, but be aware of these practical issues before installing:
  1. Billing: by default the code uses a SkillPay billing client and will try to read SKILLPAY_APIKEY; if SKILLPAY_APIKEY is not set and SKILLPAY_BILLING_MODE is not set to 'noop', the skill will raise an error when it tries to bill. SKILL.md mentions SKILLPAY_APIKEY and SKILLPAY_PRICE_USDT, but the registry metadata lists no required environment variables; treat that as a mismatch.
  2. Network endpoints: the skill calls https://web3.binance.com (or whatever you set via BINANCE_WEB3_BASE_URL) to fetch token audits/meta and may call the SkillPay service (default https://skillpay.me) for billing. The data sent includes contract addresses and token metadata/audit results (not private keys), but it is transmitted to external services.
  3. If you want to test safely, run the scripts in a sandbox and either (a) set SKILLPAY_BILLING_MODE=noop or (b) run with a known test SKILLPAY_APIKEY and SKILLPAY_BASE_URL pointed to a test endpoint.
  4. If you require a guarantee that no billing/telemetry occurs, inspect or modify build_billing_client/maybe_bill to force noop billing.
  5. The code is readable and doesn't request private wallet keys, but the environment variable mismatch and implicit billing behavior are the main risks; if you rely on the registry metadata alone you could encounter runtime errors or unexpected external billing calls. If you want higher assurance, ask the author to update the declared required env vars and to document the CLI flags (e.g., --skip-billing) explicitly.
Review Dimensions
- Purpose & Capability (ok): Code and instructions align with the declared purpose: the scripts call a Binance Web3 API (default base URL https://web3.binance.com) to resolve tokens, fetch token metadata and audits, build risk factors, and produce bilingual summaries and community drafts. The included tests and FACTOR_COPY map support the stated behavior.
- Instruction Scope (concern): SKILL.md runtime commands are straightforward (run the Python script with explain/compare/watchlist/health). However, the instructions and code reference environment variables and behavior not declared in the registry metadata: billing is performed via a SkillPay client that reads SKILLPAY_APIKEY (and optional SKILLPAY_BASE_URL, SKILLPAY_CHARGE_URL, SKILLPAY_CHARGE_PATH), and the web3 client reads BINANCE_WEB3_BASE_URL and BINANCE_HTTP_TIMEOUT_SEC. The SKILL.md mentions SKILLPAY_APIKEY and SKILLPAY_PRICE_USDT in a 'Billing Hook' section, but the top-level metadata claims no required env vars. At runtime, build_billing_client will raise a BillingError if SKILLPAY_BILLING_MODE is 'skillpay' (the default) and SKILLPAY_APIKEY is missing, so the skill can fail unless billing is skipped or the mode is set to noop. The code sends contract addresses and derived metadata to external endpoints (Binance Web3 and SkillPay), which is expected for the purpose but worth noting.
- Install Mechanism (ok): There is no install spec; this is effectively an instruction-and-script bundle. Requirements include only 'requests' in requirements.txt. No arbitrary downloads, extract operations, or unusual installers are present. The provided publish script references a clawhub CLI (for publishing to a registry), but it is not required for runtime.
- Credentials (concern): The amount and type of environment variables read by the code are reasonable for the functionality (API base URL override, timeouts, and a billing API key). However, the manifest claims 'Required env vars: none' while runtime billing requires SKILLPAY_APIKEY unless billing is disabled/skipped. Other env vars used but not documented in metadata include BINANCE_WEB3_BASE_URL, BINANCE_HTTP_TIMEOUT_SEC, SKILLPAY_BILLING_MODE, SKILLPAY_BASE_URL, SKILLPAY_CHARGE_URL, SKILLPAY_CHARGE_PATH, SKILLPAY_PRICE_USDT, and SKILLPAY_USER_REF. None of these require sensitive secrets except SKILLPAY_APIKEY, but that secret is required in the 'skillpay' billing mode and this requirement is not accurately reflected in the top-level metadata.
- Persistence & Privilege (ok): The skill does not request persistent 'always' inclusion and does not attempt to modify other skills or system configuration. It makes outbound HTTP requests (Binance Web3 and SkillPay) but does not request system-level privileges or access local secret stores beyond environment variables.
