Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GMGN Skill Swap

v1.2.7

[FINANCIAL EXECUTION] Buy and sell meme coins and crypto tokens on Solana, BSC, or Base — single swap, multi-wallet batch trading, limit orders, stop loss, t...

1· 141·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases · Can sign transactions · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill is a crypto trading/swap tool and legitimately needs an API key and a private key to sign transactions. However, the registry metadata lists no required environment variables or credentials, while SKILL.md explicitly states that GMGN_API_KEY and GMGN_PRIVATE_KEY are required. That omission is an inconsistency between the skill's stated purpose and its declared requirements.
! Instruction Scope
SKILL.md instructs the agent to run local commands (e.g., `ifconfig | grep inet6` or `ip addr show | grep inet6`) and to perform an external test request to https://ipv6.icanhazip.com for IPv6 detection. These actions access local system/network state and make outbound requests; they are arguably relevant for troubleshooting network issues but expand scope beyond purely issuing swaps. The doc also forbids webfetch/curl yet asks for an external IP check, which is internally inconsistent.
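Both findings above, the undeclared environment variables under Purpose & Capability and the local commands and outbound request under Instruction Scope, can be checked mechanically by comparing a skill's SKILL.md against its registry record. The following Python lint is an added example; it is not part of ClawHub's scanner or of this skill. The SKILL.md excerpt and metadata record are constructed to mirror what the report describes, and the regexes, severity labels and the `requires.env` field name are assumptions.

```python
import re

# Constructed sample inputs, modelled on what the scan report describes
# (not the real SKILL.md or registry record for this skill).
SAMPLE_SKILL_MD = """\
# GMGN Skill Swap

All operations use the `gmgn-cli` binary, which must already be installed.

## Credentials
Export `GMGN_API_KEY` and `GMGN_PRIVATE_KEY` before running any swap.
The private key is only used for local signing.

## IPv6 detection
Run `ifconfig | grep inet6` or `ip addr show | grep inet6`, then confirm
connectivity with a request to https://ipv6.icanhazip.com.

## Rules
Do not use webfetch or curl.
"""

# Hypothetical registry metadata record: the report says no env vars were declared.
SAMPLE_METADATA = {"name": "gmgn-skill-swap", "version": "1.2.7",
                   "requires": {"env": []}}

# Heuristics (assumptions): SNAKE_CASE identifiers are env vars, names containing
# these words are fund- or account-controlling secrets, backtick spans starting
# with a known tool or containing a pipe are shell commands.
ENV_VAR_RE = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")
SENSITIVE_RE = re.compile(r"PRIVATE_KEY|SECRET|MNEMONIC|SEED|PASSWORD|PASSPHRASE", re.I)
URL_RE = re.compile(r"https?://[^\s)\]>\"'`]+")
CODE_SPAN_RE = re.compile(r"`([^`\n]+)`")
FORBIDS_FETCH_RE = re.compile(r"do not use (?:webfetch|curl)", re.I)
SHELL_TOOLS = {"ifconfig", "ip", "curl", "wget", "nc", "ncat", "ssh", "sh", "bash",
               "python", "python3", "cat", "env", "printenv", "base64"}


def referenced_env_vars(md: str) -> set[str]:
    """Uppercase SNAKE_CASE identifiers mentioned anywhere in the skill text."""
    return set(ENV_VAR_RE.findall(md))


def undeclared_env_vars(md: str, metadata: dict) -> set[str]:
    """Env vars the instructions rely on but the registry record does not declare."""
    declared = set(metadata.get("requires", {}).get("env", []))
    return referenced_env_vars(md) - declared


def sensitive_env_vars(names: set[str]) -> set[str]:
    """Subset of names whose wording suggests a fund- or account-controlling secret."""
    return {n for n in names if SENSITIVE_RE.search(n)}


def outbound_urls(md: str) -> list[str]:
    """URLs the instructions tell the agent to contact, trailing punctuation stripped."""
    return [u.rstrip(".,;") for u in URL_RE.findall(md)]


def shell_commands(md: str) -> list[str]:
    """Backtick spans that look like shell invocations rather than identifiers."""
    cmds = []
    for span in CODE_SPAN_RE.findall(md):
        parts = span.split()
        if not parts:
            continue
        if parts[0] in SHELL_TOOLS or "|" in span:
            cmds.append(span)
    return cmds


def lint_skill(md: str, metadata: dict) -> list[str]:
    """Return human-readable findings, most severe first within each class."""
    findings = []
    undeclared = undeclared_env_vars(md, metadata)
    sensitive = sensitive_env_vars(undeclared)
    for name in sorted(undeclared):
        sev = "HIGH" if name in sensitive else "MEDIUM"
        findings.append(f"{sev}: {name} used in SKILL.md but not declared in registry metadata")
    for cmd in shell_commands(md):
        findings.append(f"MEDIUM: instructs agent to run local command: {cmd}")
    urls = outbound_urls(md)
    for url in urls:
        findings.append(f"LOW: instructs agent to contact {url}")
    if urls and FORBIDS_FETCH_RE.search(md):
        findings.append("MEDIUM: forbids webfetch/curl but still requires an outbound request")
    return findings


if __name__ == "__main__":
    for line in lint_skill(SAMPLE_SKILL_MD, SAMPLE_METADATA):
        print(line)
```

Run against the constructed inputs, the lint reports both GMGN_API_KEY and GMGN_PRIVATE_KEY as undeclared (the private key at HIGH), the two `inet6` pipelines as local commands, the icanhazip request as an outbound contact, and the webfetch/curl contradiction. Declaring the two variables in `requires.env` clears the first class of findings, which is exactly the metadata correction the report asks the publisher for.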
Install Mechanism
This is an instruction-only skill with no install spec. It expects a `gmgn-cli` binary to exist and to be used for all operations. Not providing an install mechanism is not itself malicious but shifts risk to the provenance of `gmgn-cli` (unknown here). If `gmgn-cli` is not a trusted, verifiable binary, the agent's use of it is a risk.
! Credentials
Using a private key and an API key is proportionate for executing on-chain trades. However, requiring (and using) GMGN_PRIVATE_KEY is high-sensitivity: possession of that key grants direct control over funds. The skill fails to declare these required env vars in the registry metadata, which is a serious red flag. The instructions claim the private key is only used for local signing, but with no code or install spec there is nothing to verify that claim against.
Persistence & Privilege
The skill does not request always-on presence and has no install scripts or files. It is user-invocable and can be invoked by the agent autonomously (platform default), which is expected for skills of this type.
What to consider before installing
Do not install or run this skill until you verify the provenance of `gmgn-cli` and confirm the registry metadata has been corrected. The skill requires GMGN_API_KEY and GMGN_PRIVATE_KEY (the latter can control your funds); only provide a private key if you fully trust both the CLI and the skill. Ask the publisher for: (1) a verifiable download/source for gmgn-cli (a GitHub release or an official domain), (2) an install spec and a privacy statement explaining whether any secrets are ever transmitted, and (3) corrected registry metadata listing the required env vars. Test first with an empty or tiny wallet, and never paste your raw private key into a UI; prefer a hardware wallet or ephemeral signing keys if the CLI supports them.


latest · vk971e13decq3qvnrr2xsyfhkes84x48s
