Skill v3.1.0

ClawScan security

Anti Rug · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 11, 2026, 2:23 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a Web3 token security scanner; it requires no secrets and its network activity (queries to a third‑party token-security API) matches the stated purpose.
Guidance
This package appears to do what it says: it queries a token‑security API (api.gopluslabs.io) for indicators, runs local validators, and reports risks. Before installing or running it:
1) Be aware that contract addresses you check are sent to the external API (and to any custom --api_gateway you provide); do not point --api_gateway at untrusted services.
2) There is a minor inconsistency between repo URLs in SKILL.md vs README (ZorroShao vs AntalphaAI); consider verifying the upstream source/maintainer on GitHub.
3) The config stores runtime lambda check functions (FATAL_RULES). These are executable Python objects (normal here, but harder to audit if persisted/serialized).
4) If you want to be extra cautious, run the tool in an isolated environment, review the GoPlus endpoint privacy/terms, and run the included tests (pytest) locally.
Overall the skill is internally coherent with no disproportionate credential or install demands.

Review Dimensions

Purpose & Capability
ok
Name/description align with the included Python code and validators. The repo contains a CLI script that fetches token data, runs validators, and computes scores, all appropriate for a token security scanner. No unrelated credentials, binaries, or system‑level access are requested.
Instruction Scope
note
Runtime instructions and the code perform outbound HTTP requests to third‑party endpoints (api.gopluslabs.io) carrying the chain_id and contract_address. This is expected in order to fetch token indicators, but it does transmit the contract addresses to an external service. The CLI also accepts a --api_gateway argument allowing use of a custom proxy; that is useful, but it means a malicious gateway could receive query data if supplied.
Install Mechanism
ok
No registry install spec was provided, but SKILL.md documents a normal git + pip workflow and requirements.txt only lists 'requests' (and typing-extensions for older Python). There are no downloads from personal servers, IP addresses, or archive extraction steps in the package metadata.
Credentials
ok
The skill does not declare or require any environment variables, credentials, or config paths. It operates with provided CLI args and uses public API endpoints; no secret access is requested or implied.
Persistence & Privilege
ok
'always' is false and the skill does not modify other skills or system settings. It does allow autonomous invocation (disable-model-invocation=false), which is the platform default; this is not a red flag on its own and is not combined with broad privileges.