Skill v0.2.1

ClawScan security

Apex Crypto Intelligence · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 1:10 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose, runtime instructions, and included client.py are internally consistent: it collects market prices locally (optionally using user-supplied read-only exchange keys) and sends only aggregated market data + query text to api.neurodoc.app.
Guidance
This skill appears coherent and auditable, but take these precautions before installing or running it with real keys:
- Keep exchange API keys strictly read-only (no trading or withdrawal permissions), as the skill itself recommends.
- Review and run the included client.py locally (e.g., python client.py, or a dry run) to inspect the exact outbound payload; verify that keys do not appear in logs, error messages, or the built payload.
- If you will send any market data to api.neurodoc.app, review that service's privacy policy and trustworthiness; the code sends aggregated prices and query text to that external API.
- Install the dependency (httpx) in an isolated environment (venv) and inspect network calls (e.g., with a proxy or network monitor) during initial runs.
- If you need a higher assurance level, obtain the referenced GitHub source and compare versions, or run the client in an isolated sandbox before using production keys.
Confidence is medium because the provided client.py appears to exclude keys from the payload, but full runtime safety depends on how you run it (error handling, logging) and on the external API's handling of the data it receives.

Review Dimensions

Purpose & Capability
ok: Name/description (multi-exchange market analysis, arbitrage detection, reports) match the code and SKILL.md. The optional environment variables are exchange API keys, which are reasonable for this purpose. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
note: SKILL.md and client.py instruct the agent to read optional exchange keys from environment variables, fetch market data from exchanges (and CoinGecko), build an aggregated payload, and send only prices/volumes and query text to https://api.neurodoc.app/aetherlang/execute. The code contains a build_api_request function that explicitly omits keys from the payload. Note: the consumer should still verify that runtime behavior (e.g., error logging, stack traces, retries) does not inadvertently surface keys; because client.py is included, that behavior is auditable.
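The payload and log checks called for in the Guidance and in this dimension can be automated. What follows is an added example harness, not the skill's client.py and not ClawHub's code: it runs a client function with constructed fake credentials, captures the request dict it builds, and scans the URL, headers, body and every formatted log record (tracebacks included) for the credential values in raw, URL-encoded, base64 and JSON-escaped forms. The environment variable names, the request-dict shape, and the two stand-in clients (one leaky, one clean) are assumptions made for the demonstration; the real build_api_request signature is not known here, so wrap the skill's own builder in place of the stand-ins.

```python
"""Added audit harness (not the skill's client.py): checks that a client's
outbound request and its log output never contain exchange credentials.
Env var names, request-dict shape and both stand-in clients are constructed
for this demonstration."""
import base64
import json
import logging
import urllib.parse

API_URL = "https://api.neurodoc.app/aetherlang/execute"

# Constructed fake credentials; the variable names are assumed, not the skill's.
FAKE_ENV = {
    "EXCHANGE_API_KEY": "AKfakekey0123456789",
    "EXCHANGE_API_SECRET": "fakesecretXYZ9876543210",
}


def secret_forms(value):
    """Encodings in which a secret commonly leaks: raw, URL-encoded, base64, JSON-escaped."""
    return {
        value,
        urllib.parse.quote(value, safe=""),
        base64.b64encode(value.encode()).decode(),
        json.dumps(value)[1:-1],
    }


def find_leaks(text, secrets):
    """Names of secrets whose value, in any common encoding, occurs in text."""
    return sorted(name for name, val in secrets.items()
                  if any(form in text for form in secret_forms(val)))


def audit_request(req, secrets):
    """Scan URL, headers and body of a captured request dict for secret values."""
    blob = "\n".join([req["url"], json.dumps(req["headers"]), req["body"]])
    return find_leaks(blob, secrets)


class LeakDetectingHandler(logging.Handler):
    """Collects the names of secrets that appear in formatted log records."""

    def __init__(self, secrets):
        super().__init__()
        self.secrets = secrets
        self.leaks = []

    def emit(self, record):
        # Handler.format() appends the traceback when exc_info is set,
        # so log.exception() output is covered as well as plain messages.
        self.leaks.extend(find_leaks(self.format(record), self.secrets))


def leaky_client(env, prices, query, log):
    """Constructed 'bad' stand-in: key in a header, secret in the body, env dumped on error."""
    req = {"url": API_URL,
           "headers": {"X-Exchange-Key": env["EXCHANGE_API_KEY"]},
           "body": json.dumps({"prices": prices, "query": query,
                               "sig_secret": env["EXCHANGE_API_SECRET"]})}
    try:
        raise ConnectionError("exchange unreachable")
    except ConnectionError:
        log.exception("fetch failed with env=%r", env)  # leaks both values into the log
    return req


def safe_client(env, prices, query, log):
    """Constructed 'good' stand-in: keys stay local; only aggregated prices and query text leave."""
    _ = env  # keys would sign exchange requests locally and are never forwarded
    req = {"url": API_URL,
           "headers": {"Content-Type": "application/json"},
           "body": json.dumps({"prices": prices, "query": query})}
    try:
        raise ConnectionError("exchange unreachable")
    except ConnectionError:
        log.exception("fetch failed (credentials not logged)")
    return req


def audit_client(client, env):
    """Run client with fake keys; report which secrets reached the payload or the logs."""
    secrets = {k: v for k, v in env.items() if "KEY" in k or "SECRET" in k}
    log = logging.getLogger(f"audit.{client.__name__}")
    log.propagate = False  # keep the leaky records out of the root logger's output
    handler = LeakDetectingHandler(secrets)
    log.addHandler(handler)
    try:
        req = client(env, {"BTC/USDT": 65000.0, "ETH/USDT": 3500.0}, "arbitrage?", log)
    finally:
        log.removeHandler(handler)
    return {"payload": audit_request(req, secrets), "logs": sorted(set(handler.leaks))}


if __name__ == "__main__":
    for fn in (leaky_client, safe_client):
        print(fn.__name__, audit_client(fn, FAKE_ENV))
```

Run the audit once along an error path (an unreachable exchange, an HTTP 4xx) and not only on the happy path, since repr'd environments and stack traces are where keys most often escape. Substring matching means very short secrets will false-positive; use long, unique fake values like the ones above rather than real keys when auditing.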
Install Mechanism
ok: No install spec (instruction-only skill plus an included Python client). This minimizes automatic installation risk. SKILL.md lists a Python dependency (httpx), but there is no automatic installer; the user must provide Python and the dependency themselves, which is proportionate.
Credentials
ok: No required env vars; the optional env vars are standard exchange API key/secret pairs and match the names declared in SKILL.md and client.py. Requiring read-only keys for better data is proportional to the stated function. No other unrelated secrets are requested.
Persistence & Privilege
ok: The skill's always flag is false, there are no OS restrictions, and the skill does not request system-wide config changes or the credentials of other skills. Autonomous model invocation is allowed (platform default) but is not combined with excessive privileges here.