ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PeerBerry SDK

v1.0.0

Use this skill when assisting with FortressQuant's peerberry-sdk for PeerBerry investor automation, P2P lending education, and alternative-investment onboard...

0· 145·0 current·0 all-time
by@fortressquant
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md, README, and docs consistently describe a PeerBerry Python SDK and methods for read-only and purchase flows — that purpose matches the skill name and description. However, the distributed bundle lacks the package source under src/ (the pyproject exists but the src package files are not present in the manifest), and pyproject.toml declares version 2.0.0 while the registry metadata shows version 1.0.0. This mismatch is an incoherence: the skill expects users to pip-install 'peerberry-sdk' rather than providing the SDK code inline.
Instruction Scope
Instructions are narrowly scoped to PeerBerry account operations (auth, read-only calls, guarded purchase flows). They instruct passing credentials (email/password/tfa_secret) to the SDK (expected). They also document header profile options that accept a filesystem path or env var (peerberry_sdk_HEADER_PROFILE=/path/to/profile.json), which means the SDK can be pointed at arbitrary local JSON files for header injection — this is functionally reasonable but increases the surface for misuse if a user points it at sensitive files. The docs reference tests/.env with PEERBERRY_USERNAME etc., but the skill metadata declares no required env vars — not a direct vulnerability but an inconsistency to note.
!
Install Mechanism
There is no install spec for the skill bundle; the docs instruct users to pip install 'peerberry-sdk'. Because the skill does not include the package implementation (no src/ package files in the manifest), the runtime flow implicitly depends on fetching an external package (PyPI/GitHub). That is a significant coherence gap: an agent using this skill would likely recommend installing an external package whose provenance must be verified. The pyproject lists a dependency on 'cloudscraper', which is plausible but worth verifying. No downloaded URLs or extract steps are included in the skill itself.
Credentials
The skill declares no required environment variables (metadata shows none), which matches the bundle. The SDK documentation expects credentials (email/password/tfa_secret/access_token) to be supplied by the caller — that is expected for an API client. The header_profile_path and peerberry_sdk_HEADER_PROFILE options allow the SDK to read a local JSON file; this capability is reasonable for custom headers but could be abused to load secrets from arbitrary paths if misconfigured. No unrelated credentials (AWS keys, unrelated tokens) are requested.
Persistence & Privilege
The skill does not request persistent/always-loaded privileges (always:false). It contains no install script that would write to system-wide config. The agent would run normally and can autonomously invoke the skill (disable-model-invocation is false), which is the platform default; this is not an additional red flag by itself.
Scan Findings in Context
[no-findings] expected: The static pre-scan reported no regex-based findings. That does not imply safety — many important signals come from instruction content and missing/ambiguous files (see install_mechanism and purpose_capability notes).
What to consider before installing
This skill appears to be documentation and runtime guidance for a PeerBerry Python SDK, but the bundle does not include the actual SDK implementation (no src/ package files were provided) and the packaging metadata/versioning is inconsistent. Before installing or using it: - Do not paste credentials into any public chat. Use local, private execution. - Verify the true source of the package you will install (pip install peerberry-sdk): check PyPI and the GitHub repo referenced in pyproject.toml to ensure you are installing the intended project and version. Confirm author/maintainer identity and read the package code before installing. - Prefer installing into an isolated virtual environment. Inspect the installed package contents (site-packages) after install. - If you plan to run purchase/automation flows, keep DRY_RUN enabled initially and set conservative MAX_ORDERS; test read-only flows first. - The docs allow pointing the SDK at a header profile JSON file (header_profile_path / peerberry_sdk_HEADER_PROFILE). Only use that with files you control; do not point it at system files or shared secrets. What would raise confidence to benign: the skill including the actual src/ implementation, a matching package version and a trusted homepage/repository, or an explicit install spec that points to a verified release artifact (e.g., a GitHub release tarball from the disclosed repo). If you want, I can check PyPI/GitHub for 'peerberry-sdk' and compare the package contents and maintainers to what this skill claims.

Like a lobster shell, security has layers — review code before you run it.

latestvk978md14b2th84gbrt6h7qxgmx83097a

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments