Skill v0.1.0
ClawScan security
Kaspa Dev · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:07 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is broadly consistent with a Kaspa development toolkit, but there are small inconsistencies and privacy risks you should review before installing (notably undocumented API-key use and example code that logs private keys).
- Guidance: This skill appears to be a legitimate Kaspa developer reference bundle, but review a few things before using it: (1) The docs and sample clients expect a Kaspa Developer Platform API key (Authorization: Bearer), yet the skill metadata doesn't declare any required env vars — expect that you will need to provide an API key when using the examples. (2) Several examples and included scripts print or output private keys; do not run these against real funds or with real private keys unless you remove debug prints and ensure secrets are stored securely (use hardware wallets or ephemeral dev keys). (3) Inspect the two included Python scripts (build-transaction.py, generate-address.py) before executing to confirm they don't transmit keys or other sensitive data to external endpoints. (4) Because source/homepage are unknown, prefer obtaining SDKs and examples from official Kaspa repositories (or kaspa.org) and test everything on testnet/devnet first. If you intend to use real API keys or private keys, only proceed after verifying the scripts and removing any logging of secrets.
Review Dimensions
- Purpose & Capability (note): The name, description, and the included reference docs and example code all align with a Kaspa development toolkit (address generation, transaction building, SDK usage for JS/Rust/Go/Python/WASM). The included scripts and references match the declared purpose.
- Instruction Scope (note): SKILL.md and the references contain concrete code examples and step-by-step guidance for generating addresses, building/signing transactions, and interacting with Kaspa RPC/API. However, several examples show printing or returning raw private keys (e.g., console.log('Private Key:', ...) and the Python sample prints the private key hex), which encourages insecure handling of secrets. The instructions otherwise do not direct the agent to read unrelated system files or hidden endpoints.
- Install Mechanism (ok): There is no install spec (instruction-only), which is lower risk because nothing is automatically downloaded or written to disk by an installer. Two small Python scripts are included; they will only run if executed by the user/agent.
- Credentials (concern): The documentation and Python/JS examples reference a Kaspa Developer Platform API key and show a KaspaClient that accepts an api_key or Authorization: Bearer header, but the skill metadata declares no required environment variables or primary credential. That mismatch (documentation implying a secret is needed while metadata doesn't declare it) is an incoherence — the skill will likely expect an API key at runtime even though none is advertised. Also, examples showing printing/storing private keys raise data-exfiltration risk if users run samples against real keys.
- Persistence & Privilege (ok): The skill does not request always:true, has no install step, and does not request access to other skills' configs or system-wide settings. Agent autonomous invocation is enabled by default (normal) but does not combine with other privilege escalation signs here.
