Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Coinw Contract Skill
v1.0.4 · Coinw Contract REST API skill: covers market data, order placement/cancellation, TP/SL, position and order queries, account assets, position modes, and lever...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description present this as a CoinW contract trading API skill, and the only required environment variables are COINW_API_KEY and COINW_SECRET_KEY, which are appropriate for trading/private endpoints. The documented endpoints and signing method align with the stated purpose.
Instruction Scope
SKILL.md is instruction-only and stays within API usage: it documents endpoints, signing (MD5 with secret), and required params. However it explicitly tells users they may 'provide api_key/secret_key (and an account name) in chat' and that the agent will 'mask' and store them — this guidance encourages entering secrets into chat, which increases exposure risk. The instructions do not reference unrelated system files or other credentials.
Install Mechanism
No install spec or code files are executed; this is an instruction-only skill so nothing is downloaded or written by an installer. That reduces supply-chain risk but also means no executable review beyond the markdown docs.
Credentials
Only the expected COINW_API_KEY and COINW_SECRET_KEY are requested — proportional to trading functionality. Still, these are high-value credentials (can place/cancel trades). The SKILL.md's guidance to paste secrets into chat and the skill's always-on nature increase the risk that those secrets may be used or exposed unexpectedly if the agent or skill is invoked.
Persistence & Privilege
The skill sets always: true, meaning it can be force-included in all agent runs. For a trading skill that can access private API keys and place orders, always: true is not clearly justified and materially increases attack surface and blast radius. This combination (always: true + credential access) is the main security concern.
What to consider before installing
This skill appears to implement CoinW contract API docs and legitimately needs COINW_API_KEY / COINW_SECRET_KEY, but there are important cautions:
1) always:true is enabled — the skill will be included in every agent run, increasing risk when it has access to trading credentials;
2) SKILL.md explicitly suggests pasting API keys into chat and says the agent will store them — avoid typing full secret keys in chat unless you trust the platform's secrets handling; instead configure secrets via the platform's secure secret store or environment variables;
3) limit API key permissions (enable only needed scopes, do NOT enable withdrawals, use IP whitelisting if supported, and prefer read-only keys unless placing trades);
4) verify the skill source and authenticity (no homepage provided, unknown owner ID);
5) consider disabling always:true or installing a copy you control so you can audit changes; and
6) rotate keys regularly and remove the skill if you no longer need it.
If you want to proceed, ensure keys are provisioned through a platform secret store (not pasted in chat) and use a minimally-privileged API key.
latest: vk972q8nfpynw0nwgw38jhatejs842sn0
Runtime requirements
Env: COINW_API_KEY, COINW_SECRET_KEY
