Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Chain Sensei
v1.0.0
On-chain intelligence for AI agents. Analyze wallets, detect risks, trace transactions, and get instant insights on any Ethereum address. Built by an agent,...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The claimed capabilities (wallet snapshots, token info, tx traces, risk scoring) align with an on‑chain intelligence skill. However, the skill advertises a paid premium flow (x402/USDC) and an external API endpoint (https://chain-sensei.example.com) even though the package declares no required credentials, no install artifacts, and no official homepage—this mismatch is notable but could be explained by platform-handled payments or a hosted service.
Instruction Scope
SKILL.md directs the agent to call an external API endpoint and says the agent will "automatically handle x402 payment negotiation" and that the skill "caches analysis results locally." The document does not specify which upstream blockchain APIs are used, where cached files are stored, or how the x402 payment/authorization flow is performed. Those are operational behaviors that may touch local storage and external networks yet are not described in a way that limits or justifies them.
Install Mechanism
This is an instruction-only skill with no install spec or code files to run. That minimizes installation risk because nothing will be downloaded or written as part of an installer. The README suggests using 'npx clawhub@latest install chain-sensei', but there is no package or install artifact included with the skill itself.
Credentials
No environment variables, credentials, or config paths are declared, yet the skill claims paid features via x402 and advises 'Make sure you have USDC on Base for payments' and shows an Authorization header of 'x402'. If the agent/platform is expected to manage payments, that should be explicit; otherwise the skill is missing required credential declarations. The absence of declared credentials while implying on‑chain payments and an auth token is an inconsistency.
Persistence & Privilege
The skill declares it will cache analysis results locally to reduce API calls. Caching itself is reasonable for this functionality, but SKILL.md does not specify cache location, retention, or whether sensitive information could be written. Because the skill is not marked 'always:true' and does not request elevated privileges, persistence is limited in scope but should be clarified.
What to consider before installing
This skill looks like it could provide the advertised blockchain analytics, but there are gaps you should clarify before installing:
1) Confirm the real service endpoint and operator (chain-sensei.example.com is not a known vendor and may be a placeholder).
2) Ask how x402 payments and Authorization are handled by the platform and whether any wallet keys or signing will be requested; never provide private keys or raw seed phrases.
3) Request details on what upstream APIs are contacted and where cache files are stored/kept.
4) Test only the free tier first and monitor outgoing network calls and any files the skill writes.
If the author cannot explain the payment/auth flow or provide a real, reputable endpoint and privacy/policy info, avoid enabling premium features or granting additional permissions.
Like a lobster shell, security has layers — review code before you run it.
latestvk970jedw5z1fp5ahspdyyd620h84672t
