Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Token Analyzer
v2.5.0 · A token analysis tool built on the official GMGN API. Given a contract address, it queries accurate market data, security checks, KOL analysis, developer analysis and AI analysis (narrative / holder distribution / insider wallets / bots) for tokens on the SOL/BSC/Base chains. The chain is detected automatically.
⭐ 0 · 533 · 3 current · 3 all-time
by 0xshahai@hanguang254
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The code and SKILL.md align with the stated goal of querying GMGN and performing AI analysis (multiple gmgn.ai endpoints are used). However the package does more than the manifest claims: it expects a running Chrome DevTools endpoint and the optional 'bird' CLI for Twitter data, but the skill's metadata does not declare these runtime binaries or credentials. The presence of Ave.ai integration (prod.ave-api.com) is expected for third‑party enrichment but the Ave API key is embedded in code rather than declared as a required credential.
Instruction Scope
SKILL.md explicitly instructs users to stop the built‑in browser, start a Chrome instance with remote debugging on port 9222 and a browser extension, and update ~/.openclaw/openclaw.json to attach — these steps modify local runtime and open a CDP port. The code uses CDP websockets to execute fetch() in the browser context (to bypass Cloudflare). It also calls an external CLI ('bird') from Python to fetch Twitter data. The instructions grant the skill broad ability to control a browser instance on the host and run local subprocesses, which is larger scope than a simple API client.
Install Mechanism
There is no formal install spec (instruction‑only), which minimizes automated install risk, but the SKILL.md and scripts rely on external pieces: a Chrome extension (Chrome Web Store link), a Chrome instance started with specific flags, and optional 'bird' CLI. These are not enforced or declared in the registry metadata. No arbitrary remote downloads or extract operations were found in the install metadata, but the extension link and manual load instructions mean the user must install/enable external components themselves.
Credentials
The repository contains a hardcoded AVE_API_KEY value inside scripts/token_query.py (an embedded secret) rather than declaring it as an input credential — that is a sensitive artifact and an incoherence. The skill also assumes access to localhost:9222 and to run subprocesses (bird CLI) but does not declare these required binaries/configs. No required env vars are declared in metadata despite the presence of service keys and client/device identifiers in code.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and has no install script that writes persistent agent settings. It only asks the operator to start a browser and update an OpenClaw local config file to attach — ordinary operational steps, not elevated platform privileges.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters detected by the scanner. This can be used for prompt‑injection or to hide instructions; not expected for a normal documentation file and worth manual inspection/cleaning.
What to consider before installing
This skill appears to do what it claims (query GMGN and analyze tokens) but I found several red flags you should consider before installing or running it:
- Embedded secret: scripts/token_query.py contains a hardcoded AVE_API_KEY. Embedded API keys are a security and provenance concern — ask the author to remove it and provide a documented mechanism (environment variable or user-provided key) instead.
- Undeclared dependencies: the SKILL.md and code expect a Chrome DevTools endpoint (CDP on localhost:9222), a specific Chrome extension (OpenClaw Browser Relay), and the external 'bird' CLI for Twitter scraping. The registry metadata does not list these binaries. Ensure you only run this on a trusted machine, and install/inspect the extension and bird CLI from official sources.
- Local CDP risk: the skill instructs you to run Chrome with remote debugging and attach OpenClaw to it. Exposing a CDP port (even bound to localhost) can be risky if other local processes are untrusted. Only start Chrome with CDP bound to 127.0.0.1, and prefer running as a non‑privileged user and in an isolated environment.
- Prompt injection / hidden chars: the SKILL.md contained unicode control characters. Ask the author for a cleaned SKILL.md or manually inspect/copy it into a trusted editor to ensure there are no hidden or malicious instructions.
- Metadata mismatch and provenance: _meta.json and package.json list older versions than SKILL.md, and there's no homepage or clear source. Prefer skills with a known homepage, repo, and author, or ask for origin and changelog verification.
What you can do now:
- Request the author to remove embedded keys and declare required binaries/env vars in metadata.
- Run the code in an isolated environment (VM/container) and review the Chrome extension and 'bird' CLI before use.
- If you don't trust the included Ave key, delete it and supply your own (or disable Ave integration).
- If you want me to, I can: point to the exact lines with the embedded key, extract a cleaned SKILL.md with control characters removed, or produce a checklist of required runtime steps to run this safely in a container.
Like a lobster shell, security has layers — review code before you run it.
