Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

The Flip

v0.1.0

$1 USDC entry. Pick 20 predictions. All 20 coins flip at once each round. Match the first 14 to win the entire jackpot. Live on Solana devnet.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (a Solana devnet coin-flip game) matches the included code and CLI helper (node app/demo.mjs). Requiring 'node' is appropriate for the JS helper. However the runtime actually requires the Solana toolchain / wallet files and Anchor artifacts (not declared in metadata), so the declared requirements are incomplete.
! Instruction Scope
SKILL.md instructs commands that will read the user's Solana keypair (~/.config/solana/id.json) and sign transactions (expected for on‑chain interaction) — that is legitimate for this purpose but sensitive. SKILL.md also tells users to run a curl | sh installer from release.anza.xyz and to post their wallet publicly to receive devnet USDC — both are risky/unnecessary. Additionally, the demo script expects an IDL at ../target/idl/the_flip.json but the repository provides idl/the_flip.json (path mismatch), so the provided runtime instructions may fail or prompt users to run additional build steps not documented.
! Install Mechanism
There is no formal install spec, but SKILL.md tells users to run 'npm install' (normal) and to install the Solana CLI via an external curl script hosted at release.anza.xyz (not the official solana release domain). Directing users to execute an opaque remote installer script is a high-risk practice and disproportionate to the stated purpose. The NPM dependencies themselves are standard for an Anchor/Solana JS client.
Credentials
The skill declares no required environment variables, which is consistent with the registry metadata, but the runtime code will read a local keypair file (default ~/.config/solana/id.json or ANCHOR_WALLET) and will sign transactions using that key. Reading a local wallet file is necessary for on‑chain actions but is sensitive — the SKILL.md should explicitly warn and require an isolated/devnet keypair. The request to publicly post your wallet for faucets is poor security hygiene.
Persistence & Privilege
The skill does not request 'always: true', does not claim elevated platform privileges, and does not attempt to modify other skills or global agent config. Autonomous invocation is allowed (default) but not combined with other high‑risk behaviors here.
Scan Findings in Context
[external-installer-curl] unexpected: SKILL.md instructs running a remote installer via `sh -c "$(curl -sSfL https://release.anza.xyz/stable/install)"`. This is not the official Solana installer URL and is disproportionate/unnecessary for a skill that only needs to run node and use a devnet keypair.
[wallet-posting-instruction] unexpected: SKILL.md suggests posting your wallet publicly to receive devnet USDC (social faucet). That instruction risks privacy and social engineering and is not required to run the software.
[idl-path-mismatch] unexpected: The demo script expects an IDL at ../target/idl/the_flip.json but the repo contains idl/the_flip.json; SKILL.md does not document running 'anchor build' or copying the IDL. This mismatch may cause runtime failure or prompt users to run additional (potentially privileged) build/deploy steps.
What to consider before installing
This repository mostly implements the advertised Solana devnet coin‑flip game, but several red flags mean you should proceed carefully:
1) Do not run remote curl | sh installers from unknown domains — use the official Solana installer or install through trusted channels.
2) Create and use an isolated devnet-only keypair (do not use a mainnet wallet or your primary keys). The demo script will read ~/.config/solana/id.json or ANCHOR_WALLET by default — be explicit about which key you pass.
3) Avoid posting your wallet publicly; use an official faucet or a wallet you control for devnet funds.
4) Expect the demo to require Anchor/IDL files; the code references a different IDL path than provided — you may need to run anchor build or copy the IDL before running commands.
5) Review the on‑chain program address in a block explorer and, if you plan to send value (even devnet tokens), audit the Rust program logic (included) to verify payout/withdraw rules.
If you are not comfortable with these steps, test in an isolated environment (VM or throwaway account) and don’t use real/mainnet assets.
app/demo.mjs:44: Environment variable access combined with network send.
! app/demo.mjs:44: File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

latestvk97756tb3s3s9bsybpemjh24vx83anaa

Runtime requirements

🎰 Clawdis
Bins: node