Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

coin-news-openclaw

v1.0.0

Collect and summarize cryptocurrency and coin market news with OpenClaw-friendly workflows. Use when users request coin news, crypto news, token-specific new...

0· 46·0 current·0 all-time
by Jason@houdl
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, SKILL.md workflow, included YAMLs, and the Python script all align: the skill fetches RSS feeds, uses CoinGecko for dynamic tokens, scores and deduplicates articles, and returns JSON/Markdown digests. Writing a local scoring.yaml for caching dynamic tokens is coherent with the stated behavior.
Instruction Scope
SKILL.md instructions are narrowly scoped to reading references/*.yaml, optionally running scripts/fetch_coin_news.py, ranking/filtering, and returning a digest. However, SKILL.md triggered a prompt-injection signal (unicode-control-chars), and the JSON example contains non-ASCII/curly quotes. Control and format characters render invisibly in most editors, so this could be accidental formatting or an attempt to influence downstream processing; it should be reviewed before the skill is trusted.
Install Mechanism
There is no install spec (instruction-only), which minimizes install risk. However, the included Python script imports 'yaml' (PyYAML) and assumes python3, while the skill metadata declares no required binaries or packages. Where PyYAML is absent the script fails at import time with ImportError, so the user should either add the declaration or run the skill in an environment where PyYAML is already installed.
Credentials
The skill requests no environment variables and no credentials, and accesses only public RSS feeds and the CoinGecko API (no API key). Network access to those public endpoints is required and proportionate to the stated purpose. The script writes/updates scoring.yaml in the skill directory to cache dynamic tokens; this local file write is expected but worth noting, since whatever it writes is read back on later runs.
Persistence & Privilege
The skill does not request permanent/global privileges and 'always' is false. It modifies only its own scoring.yaml (caching dynamic tokens), which is consistent with its purpose and does not appear to alter other skills or system-wide settings.
Scan Findings in Context
[unicode-control-chars] unexpected: SKILL.md triggered a unicode-control-chars detection. The file also contains non-ASCII/curly quotes in the JSON example. This may be harmless formatting (text pasted from a word processor), but it could also be an attempt to influence prompt parsing or to hide content from a human reviewer. Inspect SKILL.md for hidden characters and normalize the quotes to ASCII.
What to consider before installing
This skill appears to do what it claims: fetch RSS crypto news, score, dedupe, and output a digest. Before installing or running it, consider:
1) Run it in a sandboxed environment, because it makes outbound network calls to CoinGecko and to the RSS URLs listed in references/sources.yaml.
2) Ensure python3 and PyYAML (yaml) are installed; the script imports 'yaml' but the skill metadata does not declare it.
3) Review and approve the contents of sources.yaml and scoring.yaml; the script will write/update references/scoring.yaml to cache dynamic tokens.
4) Inspect SKILL.md for the reported unicode control characters and replace smart quotes with standard ASCII quotes in the JSON example, to avoid parsing surprises and to rule out prompt-injection attempts.
5) If you require stricter controls, ask the author to declare runtime dependencies, remove or explain any non-printable characters, and optionally add an install spec that pins trusted package versions.
If these points are addressed, the skill looks coherent; if not, treat it cautiously or run it only in an isolated environment.
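A worked version of checks 2 and 4 above (and of the unicode-control-chars finding), added here as an illustration; this is not code from the skill or from the ClawHub scanner. It scans a SKILL.md for control (Cc) and format (Cf) characters such as zero-width spaces and bidi overrides, tries each fenced JSON example before and after normalizing smart quotes, and lists top-level imports in a script that are neither standard library nor declared by the skill. The sample SKILL.md, script and empty dependency set are constructed for the example; `sys.stdlib_module_names` is assumed to exist (Python 3.10+), with a small fallback set otherwise.

```python
import ast
import json
import re
import sys
import unicodedata

# Whitespace controls that legitimately appear in a text file.
ALLOWED_CONTROL = {"\n", "\r", "\t"}

# Typographic quotes mapped to the ASCII quotes strict JSON requires.
SMART_QUOTES = {
    "\u201c": '"', "\u201d": '"', "\u201e": '"',   # double: “ ” „
    "\u2018": "'", "\u2019": "'", "\u201a": "'",   # single: ‘ ’ ‚
}

FENCE_RE = re.compile(r"```json\s*\n(.*?)\n```", re.DOTALL)

# Constructed sample inputs (not the real skill files).
SAMPLE_SKILL_MD = (
    "# coin-news-openclaw\n"
    "Read references/*.yaml, optionally run scripts/fetch_coin_news.py,\n"
    "then return a digest.\u200b\u202e\n"   # zero-width space + right-to-left override
    "Example request:\n"
    "```json\n"
    "{\u201ctokens\u201d: [\u201cbitcoin\u201d], \u201climit\u201d: 5}\n"
    "```\n"
)
SAMPLE_SCRIPT = (
    "import json\n"
    "import yaml\n"   # PyYAML, not declared in the (sample) skill metadata
    "from urllib.request import urlopen\n"
)
DECLARED_DEPS = set()   # the sample metadata declares no packages


def find_hidden_chars(text):
    """(line, column, 'U+XXXX', name) for every Cc/Cf character other than
    newline, CR and tab. Iterates character by character rather than via
    splitlines(), which would silently consume some control characters."""
    hits, line_no, col = [], 1, 0
    for ch in text:
        col += 1
        if ch == "\n":
            line_no, col = line_no + 1, 0
            continue
        if ch in ALLOWED_CONTROL:
            continue
        if unicodedata.category(ch) in ("Cc", "Cf"):
            hits.append((line_no, col, f"U+{ord(ch):04X}",
                         unicodedata.name(ch, "<control>")))
    return hits


def strip_hidden_chars(text):
    """Drop Cc/Cf characters except newline, CR and tab."""
    return "".join(ch for ch in text
                   if ch in ALLOWED_CONTROL
                   or unicodedata.category(ch) not in ("Cc", "Cf"))


def normalize_quotes(text):
    """Replace smart quotes with their ASCII equivalents."""
    return "".join(SMART_QUOTES.get(ch, ch) for ch in text)


def _parses(block):
    try:
        json.loads(block)
        return True
    except json.JSONDecodeError:
        return False


def check_json_examples(markdown):
    """For each ```json fence: does it parse as written, and after cleaning?"""
    results = []
    for block in FENCE_RE.findall(markdown):
        cleaned = normalize_quotes(strip_hidden_chars(block))
        results.append({"raw_ok": _parses(block),
                        "clean_ok": _parses(cleaned),
                        "cleaned": cleaned})
    return results


def undeclared_imports(python_source, declared):
    """Top-level modules the script imports that are neither stdlib nor declared."""
    stdlib = getattr(sys, "stdlib_module_names",
                     {"json", "sys", "os", "re", "urllib", "time", "datetime"})
    modules = set()
    for node in ast.walk(ast.parse(python_source)):
        if isinstance(node, ast.Import):
            modules.update(a.name.split(".")[0] for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            modules.add(node.module.split(".")[0])
    return sorted(m for m in modules if m not in stdlib and m not in declared)


def audit(skill_md, script_src, declared):
    return {"hidden_chars": find_hidden_chars(skill_md),
            "json_examples": check_json_examples(skill_md),
            "undeclared_imports": undeclared_imports(script_src, declared)}


if __name__ == "__main__":
    import pprint
    pprint.pprint(audit(SAMPLE_SKILL_MD, SAMPLE_SCRIPT, DECLARED_DEPS))
```

Run it against the real SKILL.md and scripts/fetch_coin_news.py by reading the files and passing their contents to audit(). A hit on U+202E or U+200B is the case to look at by hand: an RTL override can make displayed text differ from what a model or parser actually reads.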


latest: vk9705bsfdh8eewkqk29vd20d4983mxq6
