ClawHub

gate-info-riskcheck

v1.0.0

Token and address risk assessment. Use this skill ONLY when the user's query is exclusively about token/contract/address security with no other analysis dime...

0· 54·0 current·0 all-time
bygaixg@gaixianggeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the behavior: skill is dedicated to token/contract/address risk checks and only requires read access to Gate-Info MCP tools. There are no unrelated environment variables, binaries, or external installs requested.
Instruction Scope
SKILL.md confines runtime behavior to calling the three named MCP read tools and aggregating results into a structured report. It enforces an intent-gate (single-dimension security-only) and requires chain confirmation before calling tools. It references shared runtime rules and optional repository maintenance scripts, but the skill documents that 'apply' requires user confirmation and that only repository-copy scripts affect local repo; this is within scope but reviewers should read the referenced runtime rules before enabling maintenance workflows.
Install Mechanism
No install spec and no code files that would be written or executed on the host; instruction-only skills present minimal disk/write risk.
Credentials
No environment variables, credentials, or config paths are requested. The SKILL.md explicitly states no API key is required. Requested access is proportional to the described read-only MCP interactions.
Persistence & Privilege
always=false and the skill does not request permanent/system-wide changes. Optional local maintenance scripts are present in the repository copy but SKILL.md mandates user confirmation before apply; the skill does not modify other skills or system settings.
Assessment
This skill appears internally consistent and read-only: it calls only Gate-Info MCP tools, asks for no credentials, and is instruction-only. Before installing or invoking it, verify (1) your environment has access to the trusted Gate-Info MCP endpoint the skill expects, (2) the referenced shared runtime rules (../gate-runtime-rules.md and ../info-news-runtime-rules.md) contain no unexpected automation or download steps you don't want the agent to follow, and (3) you will not allow the agent to run any local maintenance 'apply' step without explicit confirmation. If you need broader research (fundamentals, news, sentiment) route to gate-info-research as the skill instructs. If you want extra assurance, inspect the referenced runtime-rule files and confirm the MCP tool names map to known, read-only endpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk97az118thyzx79qm2jsgm0z3x84csyv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments