Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Goldrush CLI

v3.0.5

GoldRush CLI — terminal-first blockchain data tool with MCP support for Claude Desktop and Claude Code. Use this skill whenever the user wants to query block...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The README describes a Node/npm-based CLI (npx @covalenthq/goldrush-cli, goldrush commands) and expects an API key, but the registry metadata lists no required binaries or primary credential. At minimum this requires Node/npm (npx) or the goldrush binary available on PATH — the metadata omission is an incoherence that could mislead users about runtime requirements.
Instruction Scope (flagged)
SKILL.md instructs users/agents to run npx to install/authenticate, to store an API key in the OS keychain, and to run goldrush install to register as an MCP tool provider. The 'install' step implies changing agent/host configuration (registering an MCP server, possibly opening ports or writing config). The doc also describes persistent streaming and 'watch' loops (continuous wallet surveillance). While these actions are consistent with the tool's purpose, they expand scope to network exposure, persistent processes, and potential privacy implications and are not fully documented (no details on what files/ports/config are modified).
Install Mechanism
There is no install spec in the skill bundle (instruction-only). The SKILL.md relies on npx to fetch code from npm when executed by the user/agent. That is reasonable, but the skill metadata did not declare any required binaries. Because actual installation would happen via npx (runtime download from npm), users should verify the npm package and publisher before running it.
Credentials
The skill declares no required env vars or primary credential, but the CLI requires an API key (entered via `goldrush auth` and stored in the OS keychain). Storing keys in the OS keychain is more proportionate than requiring broad environment secrets, but the skill does require credentials in practice — the metadata could be clearer about that. No unrelated credentials are requested.
Persistence & Privilege
`always: false` (good). However, `goldrush install` is described as registering GoldRush as an MCP server/provider for Claude, which can grant the tool the ability to be invoked natively by agents. That is a legitimate capability for an MCP tool but increases blast radius (agent-native invocation + streaming loops). The skill does not itself request persistent inclusion, but users should confirm what 'install' modifies and whether it opens network listeners or registers persistent services.
What to consider before installing
This skill is functionally consistent with a CLI that you would run locally, but there are a few gaps and surface risks to check before using it:
1) The metadata didn't declare required binaries, yet the docs use `npx`/`goldrush`; make sure you have Node/npm and understand that `npx` will fetch and run code from the npm registry.
2) The source and homepage are missing; verify the npm package owner (e.g., @covalenthq) and inspect the package repository and README on npm/GitHub before running `npx`.
3) `goldrush auth` will store an API key in your OS keychain; confirm billing/permissions for the API key provider and avoid pasting secrets into unknown prompts.
4) `goldrush install` registers an MCP provider for Claude and may modify agent or host configuration or open ports; ask for explicit documentation of what files/ports/configs it changes and consider running it in an isolated environment first.
5) Streaming/watch features run continuous processes that can collect surveillance-style data; be cautious about watching wallets you do not own.
If you want to proceed, inspect the package source code (on the npm/GitHub repo), or run it inside a sandbox/container until you've validated its behavior.
