Skill v1.2.8
ClawScan security
GMGN Skill Token · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 8:48 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions match its stated purpose (token research) but contain important inconsistencies and risk signals: it expects a GMGN API key stored in ~/.config/gmgn/.env and to install/run an npm package (gmgn-cli) even though the registry metadata declares no required credentials or install steps, and the runtime instructions include local network probing and external network calls — proceed only after verifying the gmgn-cli source and the API-key handling.
- Guidance: Before installing or using this skill: (1) Confirm the gmgn-cli package's upstream source (GitHub repo or vendor site) and review its code or at least its publisher — do not blindly run `npm install -g gmgn-cli` from an untrusted package. (2) Ask the skill author/registry to declare required credentials (GMGN_API_KEY) in the metadata so you can assess credential scope. (3) Keep any API key used here in a least-privilege account and consider using a throwaway/test key first. (4) Because the instructions require running local network checks and hitting an external IP-check service, run the tool in an isolated environment (VM or container) if you proceed. (5) If the author cannot provide a verifiable package homepage or repository and provenance for gmgn-cli, treat the package as untrusted and do not install globally.
Review Dimensions
- Purpose & Capability (concern): The skill's claimed purpose (token research via GMGN) reasonably requires a GMGN API key and a gmgn-cli client, which the SKILL.md mentions. However, the registry metadata lists no required environment variables or primary credential while the runtime instructions explicitly require a GMGN_API_KEY stored at ~/.config/gmgn/.env. That mismatch between what the skill needs and what the registry declares is an incoherence.
- Instruction Scope (concern): The SKILL.md strictly instructs the agent to use gmgn-cli and not to use web search or curl. It also tells the operator to run local network inspection commands (ifconfig/ip addr) and to hit https://ipv6.icanhazip.com to check IPv6 routing. Those steps access local network configuration and make external network requests unrelated to reading token data itself, which broadens scope and could leak host network details.
- Install Mechanism (concern): There is no formal install spec in the registry, but the documentation tells users to run `npm install -g gmgn-cli` if missing. Global installation of an npm package installs third-party code on the host and can execute arbitrary scripts; with no repository, homepage, or verified source provided (source: unknown, homepage: none), this is a non-trivial risk and disproportionate to the registry metadata's 'no install' declaration.
- Credentials (concern): The skill requires a GMGN_API_KEY (per SKILL.md) stored in a user config path, yet the registry metadata lists no required env vars or primary credential. Requiring a private API key and a user config file is plausible for this purpose, but failing to declare it in the skill metadata is a red flag. The SKILL.md also references reading local network state; that access isn't justified by the metadata.
- Persistence & Privilege (ok): The skill is instruction-only, has no install manifest in the registry, does not request 'always: true', and does not modify other skills or system-wide settings. It does ask for storing/reading an API key in the user's ~/.config/gmgn/.env, but that is local to the tool and not an elevated platform privilege.
