Skill v1.0.0
ClawScan security
Arbitrage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 16, 2026, 8:07 PM)
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only arbitrage analysis helper that is internally consistent with its description; it stores lightweight user preferences under ~/arbitrage/ but does not request credentials, install software, or perform network access on its own.
- Guidance: This skill appears coherent and analysis-only, but it will create and update files in ~/arbitrage/ to store preferences and opportunity notes. Before using it: (1) don't paste API keys, account passwords, or other secrets into the skill's memory files; (2) inspect the created files after first run to confirm no sensitive data is stored and to set appropriate filesystem permissions; (3) limit the skill to user-invoked activation (the registry default) so it won't act without explicit prompts; and (4) if you want the agent to fetch live market data, confirm how it will do so and which endpoints will be used — the skill itself does not include network-fetch code, so any automated fetching should be vetted separately.
Review Dimensions
- Purpose & Capability (ok): Name/description (fee-aware arbitrage analysis, sequencing, failure-mode checks) match the files and runtime instructions. The skill is analysis-only and does not claim execution rights; required artifacts (calculator, workflow, venue checks, playbooks) are appropriate for the stated purpose.
- Instruction Scope (note): The SKILL.md and ancillary files instruct the agent to create and maintain a persistent directory at ~/arbitrage/ and store user-stated preferences/opportunities there. That is coherent for a memory-backed analysis skill, but the skill may end up storing any user-provided inputs (which could include sensitive details if the user supplies them). Instructions do not tell the agent to read arbitrary system files or to contact external endpoints automatically; live data is only to be used when the user supplies it or explicitly asks the agent to fetch it.
- Install Mechanism (ok): There is no install spec and no code is written to disk by the registry. This is an instruction-only skill (lowest install risk).
- Credentials (ok): The skill requests no environment variables, credentials, or system config paths beyond its own ~/arbitrage/ directory (declared in metadata). No unrelated secrets or services are required.
- Persistence & Privilege (note): The skill uses persistent storage under ~/arbitrage/ for memory and opportunities. always:false and autonomous invocation are default. Persistent storage is reasonable for this skill, but any user-provided sensitive data saved there would be persistent and should be avoided or protected.
