Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Helius Openapi Skill

v1.0.0

Operate Helius Wallet API reads through UXC with a curated OpenAPI schema, API-key auth, and read-first guardrails.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The skill's description and SKILL.md clearly rely on the 'uxc' CLI and an API key for api.helius.xyz (HELIUS_API_KEY). However the registry metadata lists no required binaries and no required environment variables or primary credential — a mismatch between what the skill needs to operate and what the metadata declares.
Instruction Scope
SKILL.md limits actions to read-only Helius Wallet API endpoints, prescribes X-Api-Key header auth, and includes guardrails to avoid writes. It references a curated OpenAPI schema (both as a local file and a raw GitHub URL). No instructions ask the agent to read unrelated system files or exfiltrate data beyond the Helius endpoints.
Install Mechanism
There is no install spec (instruction-only), which reduces risk. The repo includes a validation script that requires jq and rg; those are development-time checks and not declared in metadata. No downloads or archive extraction are present.
Credentials (flagged)
The SKILL.md explicitly instructs setting HELIUS_API_KEY via uxc credential binding, but the skill metadata does not declare any required environment variables or a primary credential. Requesting an API key for Helius is proportional to the stated purpose, but the omission in metadata is a notable inconsistency and could lead to surprise when the skill tries to use credentials.
Persistence & Privilege
The skill is not always:true, does not request persistent system-wide privileges, and does not modify other skills. Autonomous invocation remains enabled (platform default) but there are no added persistence flags or privilege escalations in the files reviewed.
What to consider before installing
This skill otherwise looks coherent as a read-only Helius Wallet API helper, but before installing:

1. Verify the skill's source and trustworthiness, since the homepage and source are unknown.
2. Expect to have the 'uxc' CLI on PATH; the SKILL.md requires it even though the metadata doesn't list it.
3. Prepare a Helius API key (HELIUS_API_KEY) and bind it with uxc as shown. The metadata omission is likely an oversight, but confirm you only grant a key scoped to read operations if possible.
4. Review the included OpenAPI schema (references/helius-wallet.openapi.json) and the validate.sh script locally (it needs jq and rg) so you understand what the skill will call.
5. Prefer using the bundled local schema rather than fetching the raw GitHub URL if you want to avoid remote schema fetches.
6. If you plan to allow autonomous agent invocation, enforce agent policies limiting network calls or credential use, since the skill will perform real network reads to api.helius.xyz.

Version: latest (vk97frh6ctr53ymdw20wwe33s61836t7k)
