Skill v1.1.0
ClawScan security
LYRA Coin Launch Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:22 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and runtime instructions are consistent with a coin-launch tracking/verification tool; there are no obvious mismatches that suggest intentional misdirection, but some small operational omissions and assumptions increase risk if you install blindly.
- Guidance
- This skill appears to do what it says: fetch Clawnch receipts, normalize them, verify via indexers, and optionally add bookmarks. Before installing or enabling it:
  1. Inspect or supply the external helper tools it calls (tools/bookmark_brain_add_url.py): they may require credentials or have their own behavior; the skill does not declare or manage those secrets.
  2. Ensure the Python runtime has the 'requests' package (the scripts will fail otherwise).
  3. Review the included scripts to confirm you are comfortable with file writes under workspace/state and workspace/reference and with the network endpoints being contacted (clawn.ch, blockscout, dexscreener, clanker).
  4. If you will run this as a cron/monitor, run it in a limited/sandboxed environment first to confirm it behaves as you expect and that no unexpected external endpoints are used.

  If you need higher assurance, request the source/origin of the skill (homepage/source is unknown) and confirm the bookmark tool's implementation and credential handling before granting it access to bookmark services.
Review Dimensions
- Purpose & Capability
- ok: Name/description (coin launch memory + verification for Clawnch) align with what the code does: fetching launches from clawn.ch, normalizing receipts, verifying via Blockscout/Dexscreener, and adding bookmark links. The requested resources (none declared) are broadly consistent with this purpose.
- Instruction Scope
- note: SKILL.md and the scripts confine their actions to the stated workflow: reading/writing files under the workspace (state/, reference/, brain bookmark paths), calling Clawnch and indexer APIs, and invoking a local bookmarking helper. However, the scripts call an external local tool (tools/bookmark_brain_add_url.py) via subprocess without packaging or declaring it; that helper likely requires credentials or other configuration outside the skill's scope. The scripts also perform arbitrary subprocess calls (running other Python scripts); this is expected for orchestration, but it is worth auditing the invoked tools and ensuring they are trusted.
- Install Mechanism
- ok: No install spec (instruction + included scripts only). This is lower-risk than fetching remote archives. The package includes multiple Python scripts (source provided) and does not download code at runtime. Note: the scripts use the 'requests' library but no dependencies are declared; installation will fail if 'requests' isn't present.
- Credentials
- note: The skill does not request any environment variables or credentials, and its network calls are to expected endpoints (clawn.ch, clanker.world, base.blockscout.com, api.dexscreener.com). A practical mismatch: adding bookmarks calls tools/bookmark_brain_add_url.py which likely requires bookmark service credentials (e.g., Yandex) that are not declared. If you plan to use the bookmark feature, verify where that tool reads credentials from and whether those credentials are already provisioned in your environment.
- Persistence & Privilege
- ok: 'always' is false and 'disable-model-invocation' is default; the skill does not attempt to modify other skills or global agent config. It writes files under workspace (state/, reference/) which is expected behavior for this tool.
